figma-designer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests data from external Figma files, which are attacker-controlled sources. Maliciously crafted text layers or component descriptions in Figma could attempt to influence the agent's PRD generation or code output.
- Ingestion points: Data fetched via the figma_get_file, figma_get_nodes, and figma_get_components tools.
- Boundary markers: None identified in the provided templates to distinguish Figma content from system instructions.
- Capability inventory: The skill facilitates the generation of technical specifications and code snippets, which are subsequently used by implementation skills.
- Sanitization: No evidence of data sanitization or validation of the ingested Figma content is present in the provided files.
Audit Metadata