figma-use
Warn
Audited by Socket on Jul 15, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: The core Figma-editing purpose is coherent, and official Figma MCP usage is legitimate. Risk comes from mixing in a third-party MCP/bridge, mutable install provenance, and plugin-wide metadata broadcasting that broadens data flow beyond what an ordinary Figma canvas skill strictly requires.
Confidence: 84%Severity: 61%
Audit Metadata