figma-code-connect-components

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides instructions for using Figma's Code Connect feature to link design assets with their corresponding code. It operates within the expected boundaries of Figma design systems and local development environments.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: While the skill accesses local codebase files and Figma design data, these operations are central to its primary function. No evidence was found of sensitive data, such as credentials or environment variables, being accessed or transmitted to unauthorized external domains.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes potentially untrusted data from the Figma scenegraph and the local codebase. This creates an indirect prompt injection surface where malicious content in a design file or code comment could attempt to influence the agent. However, the risk is significantly mitigated by the required human-in-the-loop workflow, where the agent must present matches to the user for explicit approval before calling the mapping tool.
    • Ingestion points: get_code_connect_suggestions (Figma scenegraph) and local file searches in SKILL.md.
    • Boundary markers: The skill instructs the agent to present findings to the user for confirmation (Step 3).
    • Capability inventory: get_code_connect_suggestions, file read operations, and send_code_connect_mappings across the workflow.
    • Sanitization: No explicit automated sanitization is mentioned; the skill relies instead on user review.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 24, 2026, 12:28 PM