skills/southleft/figma-console-mcp-skills/figma-version-history/Snyk

figma-version-history

Warn

Audited by Snyk on Jun 13, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.75). Outsider free text is ingested from Figma’s REST API responses (e.g., version label/description and user handles, plus node name/description fields) which are authored by other parties than the operating user; the script fetches these at runtime via curl/fetch and then includes them in the LLM-visible JSON output context.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 13, 2026, 03:56 AM

Issues

1

Security Audit — snyk — figma-version-history