figma-to-code

SUSPICIOUS. The core design-to-code functionality is benign and well-aligned, with no credential access or exfiltration. However, the skill unnecessarily recommends installing an unverified third-party skill hub, creating a transitive supply-chain trust risk that does not belong in a narrowly scoped Figma-to-code skill.