figma-storybook-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- Prompt Injection (LOW): The skill is vulnerable to indirect prompt injection (Category 8) as it processes external code from Figma nodes via
mcp0_get_design_context. Mandatory Evidence: 1. Ingestion points:figma-mcp-commands.mdutilizes Figma MCP to fetch external design data. 2. Boundary markers: Absent. 3. Capability inventory: High, as it allows for codebase modification and component creation via delegated skills. 4. Sanitization: Absent. - External Downloads (LOW): The skill interacts with figma.com and references downloading assets from local Figma instances, which are not on the trusted domain list.
- Dynamic Execution (LOW): The skill involves generating and adapting React/Tailwind code from Figma templates into the project codebase, which is a form of code generation from external data.
Audit Metadata