figma-to-landing-page
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill is installed using 'npx skills add chandima/rds-lp-factory' and references the 'rds-component-mapper' skill. These are author-owned resources and are standard for this skill's ecosystem.
- [PROMPT_INJECTION]: The skill processes content from Figma URLs and images, which presents a surface for indirect prompt injection. This is a common and expected characteristic for tools that interpret external design files.
- Ingestion points: Figma design/prototype URLs and user-provided image files (SKILL.md).
- Boundary markers: No specific delimiters are used to separate design data from agent instructions.
- Capability inventory: File system access to create Nuxt 3 pages and assets, and browser navigation capabilities via Playwright MCP (SKILL.md).
- Sanitization: No explicit sanitization of extracted design strings is mentioned prior to their use in code generation.
Audit Metadata