figma-manage-variables

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates entirely within the Figma Plugin API environment. All operations use the global figma object to modify design tokens, with no evidence of unauthorized file system access or network exfiltration.
  • [SAFE]: No obfuscation, prompt injection, or malicious persistence mechanisms were detected. The JavaScript code is transparent and follows standard conventions for Figma plugin development.
  • [SAFE]: Potential destructive operations (such as variable or collection deletion) are clearly identified in the documentation with explicit instructions for the agent to seek user confirmation before proceeding.
  • [SAFE]: Input validation is present for sensitive fields. For example, the hexToRgb function uses a regular expression to validate hex color strings before processing, which prevents malformed data from being injected into color fields.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 13, 2026, 03:56 AM