figma-generate-library

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data by scanning React component files in the src/components/ and generated/ directories to identify props, variants, and Tailwind classes.
  • Ingestion points: The agent reads local source code files (SKILL.md, Step 2).
  • Boundary markers: No specific delimiters or instructions to ignore embedded content within the source files are defined.
  • Capability inventory: The skill uses figma_batch_create_variables, use_figma, and add_code_connect_map to modify Figma design files and project configuration (SKILL.md, Steps 3, 4, and 6).
  • Sanitization: No explicit sanitization or validation of the ingested code content is described prior to property mapping.
  • [COMMAND_EXECUTION]: The skill utilizes several domain-specific CLI tools and tool calls such as memi connect, get_code_connect_map, and memi spec. These appear to be legitimate project-specific tools provided by the author to maintain design-code parity.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 09:47 PM