figmalint-design-system-auditing

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from Figma components (such as layer names, properties, and descriptions) and passes it to an LLM for analysis.
      ◦ Ingestion points: Component node data is ingested via the analyzeComponentNode function in SKILL.md.
      ◦ Boundary markers: The provided code snippets do not include delimiters or instructions to ignore embedded commands within the component data.
      ◦ Capability inventory: The plugin has the capability to modify the Figma document via applyLayerRename and bindHardCodedValueToToken, and can perform network requests through callAIProvider and fetch (SKILL.md).
      ◦ Sanitization: No sanitization or validation of the ingested component content is demonstrated before it is used in prompt construction.
  • [DATA_EXFILTRATION]: The skill provides implementation examples for syncing data to external documentation platforms using network requests.
      ◦ Evidence: The 'Design System Documentation Sync' example in SKILL.md uses the fetch API to send component markdown to a dynamic platform URL.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 18, 2026, 01:48 PM