figma-ds-rules

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill instructs the agent to read existing repository instructions and codebase conventions. This creates an indirect prompt injection surface where instructions embedded in those files could attempt to influence the agent's behavior. However, the skill explicitly directs the agent to separate project facts from unverified assumptions and generic preferences to mitigate this risk.
  • [EXTERNAL_DOWNLOADS]: The skill references the official Figma MCP server guide on GitHub (github.com/figma/mcp-server-guide) and Figma's developer documentation. These are well-known and trusted resources used to synchronize repository rules with upstream design system standards.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 09:48 PM