lint-design-figma

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs static analysis of Figma design nodes. It calculates color contrast, checks target sizes, and validates design system tokens without any external network requests or sensitive data exfiltration.
  • [COMMAND_EXECUTION]: No shell commands or subprocesses are executed. All logic is contained within the provided JavaScript script designed for the Figma MCP environment.
  • [DATA_EXFILTRATION]: No network tools (curl, wget, fetch) are used. Data processing is local to the agent's interaction with the Figma API, and results are returned as structured JSON to the user.
  • [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. It relies entirely on the provided scripts/lint-design.js file.
  • [INDIRECT_PROMPT_INJECTION]: While the skill reads Figma node names and descriptions (which are user-controlled), it uses them only for property checks (regex matching) and does not interpret them as instructions or execute them as code.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 13, 2026, 08:59 AM