sunnyside-figma-context-mcp

Warn

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone source code from an unverified GitHub repository: https://github.com/tercumantanumut/sunnysideFigma-Context-MCP.
  • [COMMAND_EXECUTION]: The installation and setup flow requires executing shell commands (npm install, npm run build, npm start) on code retrieved from an untrusted external source.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it ingests untrusted data from external sources and uses it to generate executable code.
  • Ingestion points: Figma REST API (get_figma_data) and the local Figma Plugin HTTP/SSE endpoints.
  • Boundary markers: None identified; there are no instructions for the agent to ignore or delimit embedded instructions in the Figma design data.
  • Capability inventory: The skill documentation describes writing components to the local filesystem (writeFile in usage patterns), making network requests to Figma, and executing shell commands during setup.
  • Sanitization: Not documented; properties from Figma nodes (names, layout properties, tokens) are directly interpolated into generated React and Tailwind code.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 18, 2026, 03:06 PM