figma
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted design data fetched from Figma URLs through tools like `get_design_context`. This creates an attack surface where design node metadata could contain instructions intended to influence the agent's code generation. Capabilities include translating this data into React and Tailwind code and applying it to the local project. No explicit boundary markers or sanitization routines are defined in the instructions to separate design content from system prompts.
- [PERSISTENCE_MECHANISMS]: In `references/figma-mcp-config.md`, the skill provides instructions for the user to manually export and persist the `FIGMA_OAUTH_TOKEN` in shell profile files like `~/.zshrc` or `~/.bashrc`. This is a documented setup procedure for the user to enable consistent authentication for the tool.
Audit Metadata