figma-sync
Pass
Audited by Gen Agent Trust Hub on Jul 15, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The synchronization workflows described in the skill involve processing external data from Figma (such as component names, descriptions, and variables), which represents a potential surface for indirect prompt injection if the source design files are compromised.
- Ingestion points: Figma metadata, component properties, and variable collections accessed via the bridge API as described in
SKILL.md. - Boundary markers: The documented patterns do not include explicit delimiters or safety instructions to distinguish design data from agent commands.
- Capability inventory: The workflows include updating a local design system registry and executing Figma Plugin API calls.
- Sanitization: No sanitization or data validation steps are mentioned in the synchronization logic provided.
- [NO_CODE]: The skill consists of documentation and metadata without any attached scripts or executable binaries.
- [EXTERNAL_DOWNLOADS]: The skill manifest references the author's own repository at
github.com/sarveshsea/memias the source for thememiCLI tool used in the synchronization patterns.
Audit Metadata