figma-mcp-bridge
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches the MCP server component from the official '@gethopp' NPM package and references a plugin release on their GitHub repository. These sources are associated with a well-known technology organization.
- [COMMAND_EXECUTION]: The skill involves running an MCP server via 'npx' and provides a 'save_screenshots' tool that enables the agent to write image files to the local filesystem.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes external data from Figma documents that could contain malicious instructions.
- Ingestion points: Figma document content is ingested through tools like 'get_document', 'get_node', and 'get_selection'.
- Boundary markers: No specific delimiters or warnings to ignore embedded instructions are present in the skill.
- Capability inventory: The skill includes 'save_screenshots', which allows writing to the filesystem.
- Sanitization: No validation or sanitization of the Figma document data is specified.
Audit Metadata