openspec-design
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate project management tasks, such as updating the
openspec/AGENTS.mdfile to include design-related workflow steps. It utilizes designated Figma MCP tools (e.g.,get_file,export_images) for their intended purpose of retrieving design assets fromfigma.com, which is a well-known service. - [SAFE]: While the skill instructions prompt the agent to process local file paths and Figma links provided in user inputs, this functionality is confined to organizing design assets within the project's
design/directory. No evidence of data exfiltration, command injection, or unauthorized access was detected.
Audit Metadata