anima-performance-tuning
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill access the
FIGMA_TOKENenvironment variable to authenticate requests to the official Figma API (api.figma.com). This is a well-known service and the use of environment variables for secrets follows standard security best practices for agent integrations. - [COMMAND_EXECUTION]: Utilizes the Node.js
fsmodule to manage a local cache directory (.anima-cache). This is used to store and retrieve previously generated code components to reduce latency and API overhead. - [EXTERNAL_DOWNLOADS]: Fetches metadata from Figma's official API to determine if design components have changed since the last generation. These requests are targeted at a well-known service and do not involve the execution of remote code.
Audit Metadata