figma-implement-design
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill integrates with well-known official infrastructure from Figma (
mcp.figma.com) to retrieve design data. All external references are to official Figma developer documentation and help centers. - [SAFE]: The setup process uses standard CLI commands (
codex) for configuring the Model Context Protocol (MCP) environment and managing OAuth authentication with the service provider. - [SAFE]: Instructions are strictly scoped to technical implementation tasks such as parsing Figma URLs, mapping design tokens, and validating visual layouts against provided screenshots.
- [SAFE]: Inherent Indirect Prompt Injection Surface: The skill ingests untrusted data from Figma nodes which could theoretically contain malicious instructions.
- Ingestion points:
get_design_contextandget_metadatainSKILL.mdpull content from external Figma files. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when processing node content.
- Capability inventory: The agent has the capability to write and modify code files within the local project directory based on the fetched data.
- Sanitization: No explicit sanitization or validation of the fetched node content is performed before processing. This surface is considered safe as it is essential to the primary function of the skill and relies on user-provided sources.
Audit Metadata