figma-create-new-file
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS
PROMPT_INJECTION
Full Analysis
- External Service Interaction: The skill connects to an external service endpoint at https://mcp.figma.com/mcp to facilitate Figma file operations. This is an expected architectural pattern for cloud-integrated skills.
- Indirect Input Surface: The workflow involves processing external data, which is a common surface for indirect prompt injection.
  1. Ingestion points: User-provided file names and plan information from the whoami tool are used to populate tool calls.
  2. Boundary markers: No explicit delimiters are used to wrap these inputs in the prompt instructions to separate them from the instruction logic.
  3. Capability inventory: The skill uses the create_new_file tool to perform write operations within the user's Figma account.
  4. Sanitization: The instructions do not define specific validation or sanitization steps for external strings before processing.
  While characteristic of standard integration functionality, these factors suggest a potential area for monitoring input data.
Audit Metadata