moai-design-systems
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The automation script example sync-figma-tokens.ts in SKILL.md uses string interpolation to build a shell command for the figma-mcp CLI. This implementation is vulnerable to shell injection.
- Ingestion point: The figmaFileUrl parameter in the syncFigmaTokens function.
- Boundary markers: None present to delimit the input or instruct the agent to ignore embedded commands.
- Capability inventory: The script uses child_process.exec (via execAsync) to run shell commands.
- Sanitization: No input validation, character escaping, or sanitization is performed on the figmaFileUrl variable before execution.
- [EXTERNAL_DOWNLOADS]: The skill references and provides setup instructions for several third-party tools and libraries for design system development.
- Evidence: All referenced tools, including Style Dictionary, Figma MCP, Storybook, and Chromatic, are established industry standards or official resources from well-known technology providers. Downloads are managed through standard registries like npm.
Audit Metadata