figma-prototype
Pass
Audited by Gen Agent Trust Hub on Jul 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill's workflow involves reading screen specifications from the
specs/pages/directory to generate prototypes. This represents a surface for indirect prompt injection where malicious instructions embedded in specifications could influence the agent's behavior. - Ingestion points: Reads external data from the
specs/pages/directory (SKILL.md). - Boundary markers: Absent; no instructions are provided for the agent to treat the imported specification data as untrusted or to ignore embedded instructions.
- Capability inventory: The skill utilizes the
use_figmatool to modify design files and executes shell commands using thememiCLI (SKILL.md). - Sanitization: No explicit sanitization, validation, or filtering of the specification content is mentioned.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute local commands using the
memiCLI tool for generating HTML prototypes and creating architectural documentation. - Evidence: Use of
memi prototype,memi spec page, andmemi ia createcommands within the workflow instructions (SKILL.md).
Audit Metadata