Skills
skills/vm0-ai/vm0-skills/figma/Gen Agent Trust Hub

figma

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches design metadata and image assets from the official Figma REST API (api.figma.com). This interaction involves well-known official domains and is central to the skill's purpose.
  • [COMMAND_EXECUTION]: Uses the standard CLI tools curl and jq to perform network requests and process JSON responses. The logic is transparent and limited to API interaction.
  • [PROMPT_INJECTION]: The skill processes potentially untrusted content from the Figma API (such as file comments or layer text) which provides a surface for indirect prompt injection.
  • Ingestion points: Data retrieved from api.figma.com/v1/files/ (SKILL.md).
  • Boundary markers: None identified in the provided instructions.
  • Capability inventory: Limited to read/write API operations using curl and jq.
  • Sanitization: No specific sanitization or filtering logic is mentioned for processed API data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 04:43 PM