figma-use-slides
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of the skill instructions and reference documents shows no evidence of malicious intent or harmful patterns. The skill focuses on assisting the agent with design principles, coordinate systems, and API-specific limitations for Figma Slides.
- [INDIRECT_PROMPT_INJECTION]: A potential surface for indirect prompt injection exists because the skill provides scripts to read text content from user-controlled Figma slides.
  - Ingestion points: `SKILL.md` includes a script to find all text nodes and extract their `characters` property.
  - Boundary markers: Absent. The skill does not instruct the agent to ignore instructions embedded within the extracted text.
  - Capability inventory: The agent has the ability to execute Plugin API code via the `use_figma` tool and perform file operations.
  - Sanitization: Absent. The scripts return raw text data directly to the agent's context.
- [SAFE]: A developer TODO comment in `references/slide-properties.md` references an internal source code path (`share/plugin-api/src/api/constants.ts`). This is an accidental leak of internal metadata but does not constitute a security threat or malicious poisoning.
Audit Metadata