figma-sync

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The synchronization workflows described in the skill involve processing external data from Figma (such as component names, descriptions, and variables), which represents a potential surface for indirect prompt injection if the source design files are compromised.
  • Ingestion points: Figma metadata, component properties, and variable collections accessed via the bridge API as described in SKILL.md.
  • Boundary markers: The documented patterns do not include explicit delimiters or safety instructions to distinguish design data from agent commands.
  • Capability inventory: The workflows include updating a local design system registry and executing Figma Plugin API calls.
  • Sanitization: No sanitization or data validation steps are mentioned in the synchronization logic provided.
  • [NO_CODE]: The skill consists of documentation and metadata without any attached scripts or executable binaries.
  • [EXTERNAL_DOWNLOADS]: The skill manifest references the author's own repository at github.com/sarveshsea/memi as the source for the memi CLI tool used in the synchronization patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 09:48 PM