figma
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill correctly manages sensitive credentials by utilizing environment variables for the Figma access token, avoiding hardcoded secrets.
- [SAFE]: Network activity is restricted to the official Figma API and CDN domains, which are well-known technology services and treated as trusted sources according to analysis guidelines.
- [SAFE]: File system operations are localized to the export of design assets and the generation of audit reports, with no evidence of unauthorized persistence or privilege escalation.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from Figma files (such as layer names and text content) and renders it into HTML reports in 'scripts/accessibility_checker.py' and 'scripts/style_auditor.py'.
  - Ingestion points: Design data retrieved via 'scripts/figma_client.py'.
  - Boundary markers: Not implemented in the HTML report templates.
  - Capability inventory: Local file writing for assets and reports; network access for API communication.
  - Sanitization: Filenames are sanitized in 'scripts/export_manager.py', but layer names and text content are not HTML-escaped before being inserted into the reports, posing a minor risk of indirect prompt injection or cross-site scripting.
Audit Metadata