figma

Fail

Audited by Socket on Mar 9, 2026

1 alert found:

Obfuscated File (HIGH)
SKILL.md

The Figma skill aligns reasonably with its stated purpose of enabling design interactions via automated browser control. However, several security concerns exist: an external installer fetched via curl|bash from an unfamiliar domain; handling of credentials in local env/config; potential exposure of session data through browser automation; and reliance on 2FA prompts that may complicate unattended operation. The data flows primarily target Figma endpoints and local exports; there is no explicit, authenticated data exfiltration to untrusted destinations, but the combination of unverifiable install sources and credential handling elevates risk. Overall, the footprint is suspicious but not definitively malicious; it warrants tighter supply-chain controls (official registries or signed installers), clearer credential management, and explicit data flow protections to reach a benign status.

Confidence: 98%

Audit Metadata

Analyzed At: Mar 9, 2026, 06:36 PM
Package URL: pkg:socket/skills-sh/NeverSight%2Flearn-skills.dev%2Ffigma%2F@10263e1bfcb712cbb100ebd72b3f5befd939f512