figma-generate-library
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection Surface]: The skill is designed to ingest and analyze untrusted codebase data (such as CSS variables, JSON tokens, and Tailwind configurations) to build a design system plan.
  - Ingestion points: Phase 0 (Discovery) analyzes external files like `*.tokens.json` and `variables.css` (referenced in `references/discovery-phase.md`).
  - Capability inventory: The skill generates and executes JavaScript via the `use_figma` tool to create, modify, or delete nodes and variables in the Figma environment.
  - Sanitization & Boundary Markers: The workflow enforces a mandatory user checkpoint immediately after the discovery phase and before any write operations occur, ensuring that the human user reviews and approves the extracted data and the subsequent build plan.
- [Dynamic Code Assembly]: The skill's primary operation involves the agent dynamically assembling and executing JavaScript code within the Figma Plugin API environment.
  - Evidence: `SKILL.md` and the `references/` folder provide extensive script templates for the agent to adapt and run using the `use_figma` tool.
  - Context: This is the intended primary purpose of the skill, facilitating complex design automation. The risks associated with dynamic code generation are managed through a phased execution model and sequential validation steps.
- [Session State Persistence]: The skill utilizes a state ledger stored in `/tmp/dsb-state-{RUN_ID}.json` to maintain progress across multiple turns and potential context resets.
  - Context: This is a standard and benign practice for long-running workflows, ensuring the agent can resume complex tasks without loss of progress or structural corruption.
Audit Metadata