Skills
skills/daetojemax/figma-to-swiftui-skill/figma-to-swiftui/Gen Agent Trust Hub

figma-to-swiftui

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using curl to download image assets from local URLs provided by the Figma MCP server (e.g., curl -o <filename> "<localhost-url>"). While these target localhost, they represent a subprocess execution path.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted data from external Figma URLs via the get_design_context tool.
  • Ingestion points: Design data and code representations are fetched from Figma URLs in SKILL.md (Step 2).
  • Boundary markers: Absent. The instructions do not define clear delimiters or warnings to ignore instructions embedded within the Figma design context.
  • Capability inventory: The skill possesses the capability to execute shell commands (curl in Step 5), write to the local file system (SwiftUI source files and Asset Catalogs), and read project configuration files (Package.swift, Podfile, .xcodeproj) to audit dependencies.
  • Sanitization: Absent. There is no mention of validating or sanitizing the properties or text extracted from Figma nodes before they are used in prompt interpolation for code generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 07:24 AM