design-compare
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands to manage files and directories. It runs a provided bash script (scripts/export-figma-node.sh) to interface with the Figma API and uses standard utilities like mkdir, cp, and open for report generation.
- [EXTERNAL_DOWNLOADS]: The skill downloads design assets from Figma's official API and CDN (api.figma.com). These communications are directed to a trusted and well-known service provider.
- [CREDENTIALS_UNSAFE]: The documentation instructs users to store their FIGMA_ACCESS_TOKEN in a .env file at the repository root. This adheres to common development patterns but involves storing sensitive credentials in plain text within the workspace.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface, as it processes external Figma data and user-provided images.
  1. Ingestion points: Figma API responses and local image file paths.
  2. Boundary markers: No specific delimiters or instructions to ignore embedded content are provided in the visual analysis prompt.
  3. Capability inventory: File system write access, local script execution, and network requests via curl.
  4. Sanitization: The export-figma-node.sh script implements regex-based validation for fileKey and nodeId and explicitly checks for path traversal (..) in output paths.
Audit Metadata