Skills
skills/oimiragieo/agent-studio/figma/Gen Agent Trust Hub

figma

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches design specifications and assets from Figma's official API (api.figma.com), which is a well-known service.
  • [COMMAND_EXECUTION]: Provides bash snippets using curl and jq to interact with remote APIs and process structured data.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting untrusted content from Figma files.
  • Ingestion points: Data is retrieved from Figma file nodes, styles, and components via the REST API (SKILL.md).
  • Boundary markers: The skill lacks explicit instructions to treat design metadata as untrusted or to use delimiters when processing Figma content.
  • Capability inventory: The skill has access to Bash for command execution, Write for file system modification, and WebFetch for network operations (SKILL.md frontmatter).
  • Sanitization: There is no mention of sanitizing or validating component names, descriptions, or annotations before they are processed by the agent or used in code generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 04:49 PM