annotations-figma

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses official Figma Plugin API methods (figma.getNodeByIdAsync, figma.annotations.getAnnotationCategoriesAsync) to interact with design files. All operations are confined to the Figma plugin environment and run only when the skill's scripts are invoked; no hidden execution paths were found.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt-injection surface because it passes user-authored annotation text and markdown from Figma files into the agent's context. This is the skill's intended function and is assessed as safe given the execution environment (see the capability inventory below).
  • Ingestion points: scripts/get-annotations.js reads the ann.label and ann.labelMarkdown fields of annotations on Figma nodes.
  • Boundary markers: Absent; the script returns raw annotation content directly to the agent context, so an annotation written to look like an instruction is not distinguishable from data unless the agent is told otherwise.
  • Capability inventory: scripts/set-annotations.js can modify Figma node annotations. No network, file system, or shell execution capabilities are present, which limits what an injected instruction could achieve.
  • Sanitization: None; annotation content is passed through unchanged, either returned to the agent or written back to the node within the Figma design tool.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 13, 2026, 08:59 AM