figma-node-fetcher

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill accesses configuration files such as .env, .env.local, and .figma.env to retrieve the FIGMA_ACCESS_TOKEN. This is a standard practice for local development tools. The script includes a maskToken function to ensure sensitive credentials are not printed in full to the console during configuration checks.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data from the Figma REST API and user-provided URLs, creating a surface for indirect prompt injection.
    • Ingestion points: Data enters through the --url argument, the --urls-file argument (which reads local files), and the responses from api.figma.com.
    • Boundary markers: Output JSON files do not contain explicit delimiters or instructions for downstream agents to ignore embedded content.
    • Capability inventory: The script performs network GET requests and writes results to the local filesystem using fs.writeFileSync.
    • Sanitization: The tool uses a safeNodeName function to sanitize Figma node IDs (replacing non-alphanumeric characters with dashes), effectively preventing path traversal attacks when generating output directory structures.
  • [COMMAND_EXECUTION]: The skill provides CLI-based Node.js scripts. While it performs filesystem and network operations, it does not use shell execution functions like eval(), exec(), or spawn() with user-controlled input.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 29, 2026, 08:31 AM