figma-design-extraction
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns detected. The skill instructions focus on valid technical processes for interacting with the Figma API via MCP tools.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external Figma metadata and variable definitions.
- Ingestion points: Figma file metadata and variable definitions via mcp__figma__get_metadata and mcp__figma__get_variable_defs as described in SKILL.md.
- Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for data retrieved from Figma.
- Capability inventory: The skill has access to high-privilege tools including Write and Bash (*).
- Sanitization: No explicit sanitization or validation logic is provided for the content extracted from the external design files. Note: This finding is categorized as a low-risk surface inherent to the skill's primary purpose.
Audit Metadata