skills/jeremylongshore/claude-code-plugins-plus-skills/anima-reference-architecture/Snyk

anima-reference-architecture

Warn

Audited by Snyk on May 19, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests user-generated Figma content via the Figma API/webhooks (see pipeline/scanner.ts and webhooks/figma-handler.ts) and uses that content to drive code generation (pipeline/generator.ts), so untrusted third-party designs could indirectly inject instructions affecting actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 19, 2026, 10:59 PM

Issues

1

Security Audit — snyk — anima-reference-architecture