Skills
skills/southleft/skills-for-figma/manage-variables-figma/Gen Agent Trust Hub

manage-variables-figma

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides JavaScript snippets designed for execution within the Figma plugin environment via the use_figma tool. These snippets utilize standard Figma Plugin API methods such as figma.variables.createVariable and figma.variables.getVariableByIdAsync for design system management.
  • [DATA_EXFILTRATION]: No network activity or access to sensitive local files (like .env, SSH keys, or cloud credentials) was detected. The scripts only handle design-related data within the Figma context.
  • [PROMPT_INJECTION]: The instructions do not contain patterns intended to override agent behavior, bypass safety guidelines, or extract system prompts.
  • [SAFE]: The skill demonstrates good security practice by including explicit warnings for destructive operations, such as deleting collections or variables, and advising the agent to seek user confirmation first.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 08:59 AM
Security Audit — agent-trust-hub — manage-variables-figma