figma
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official npm registry. This is a vendor-owned tool necessary for the skill's operation. - [COMMAND_EXECUTION]: Various shell commands are provided for using the
membraneCLI to manage sessions and execute Figma actions. These are documented workflows for the platform. - [SAFE]: No signs of prompt injection, data exfiltration, or obfuscation were found. The skill leverages the Membrane platform's authentication management to avoid handling sensitive credentials directly.
Audit Metadata