figma-use-slides
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and code examples for the Figma Slides API. All reviewed files adhere to standard practices and use the figma global object in a safe, intended manner.
- [SAFE]: The skill involves reading and processing user-generated content from Figma Slides files, which is an inherent part of its functionality. This represents a potential surface for indirect prompt injection, but the risk is managed by the execution environment.
- Ingestion points: Text content and slide metadata are read from Figma files using use_figma scripts (see SKILL.md and references/slide-gotchas.md).
- Boundary markers: None explicitly defined in the provided snippets.
- Capability inventory: The skill can modify file structure and content through various Figma API calls such as createSlide, createText, and appendChild (see references/slide-content.md and references/slide-lifecycle.md).
- Sanitization: No explicit sanitization of ingested text is shown in the examples, which is typical for structural API interaction instructions.
Audit Metadata