qt-figma-token-extraction

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches design data (variables and styles) from Figma's official REST API (api.figma.com). This targets a well-known service and is a required operation for the skill's primary functionality.
  • [COMMAND_EXECUTION]: The skill generates multiple QML singleton files (such as Primitives.qml and Theme.qml) and updates the project's CMakeLists.txt to register them. It also provides curl commands for the user to execute locally to retrieve data. These actions are consistent with the skill's stated purpose of automating design system setup.
  • [CREDENTIALS_UNSAFE]: The skill requires a Figma Personal Access Token (PAT) for API access. It correctly instructs the user to generate a token and provide it for specific requests, following standard security practices. No secrets are hardcoded in the skill, and there is no evidence of unauthorized token exfiltration.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external Figma data to generate code. Ingestion points: Data is ingested from design-tokens-raw.json and text-styles-nodes.json during the code generation steps. Boundary markers: The skill does not use explicit boundary markers or ignore-instructions when interpolating Figma data into QML templates. Capability inventory: The skill can write new files and modify CMake configuration. Sanitization: While it applies structural validation through type mapping and naming conventions (snake_case), it does not perform explicit semantic sanitization of external strings.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:37 AM
Security Audit — agent-trust-hub — qt-figma-token-extraction