skills/figma/dev-mode-mcp-server-guide/figma-generate-design/Snyk

figma-generate-design

Warn

Audited by Snyk on May 14, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.70). The skill's "Parallel Workflow with generate_figma_design" section explicitly requires running a capture of the running web app (browser-rendered pages) and importing rasterized images/imageHash values from that capture into Figma, which ingests external web content and uses it to guide image transfers and layout/validation decisions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 14, 2026, 12:55 AM

Issues

1

Security Audit — snyk — figma-generate-design