figma-design-generate
Audited by Socket on Mar 5, 2026
1 alert found:
Obfuscated File

The described skill plausibly implements legitimate design-capture functionality (DOM -> Figma). However, it currently requests disproportionately broad host privileges (Bash(*) and Read/Write) and lacks transparency about where captures and authentication tokens are sent. Primary risks: (1) credential forwarding or storage by an opaque intermediary MCP service, (2) sensitive-data capture from production UIs with no redaction controls, and (3) potential for arbitrary host command execution due to shell permissions. I do not find definitive malicious code in the description, but the supply-chain and privilege posture warrant a medium security risk. Mitigations: enforce least privilege (limit to specific, audited commands), require explicit user consent before starting servers or capturing production sites, document auth flows and endpoints, and provide redaction options and retention/ownership policies for captured data.
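Two of the mitigations above (least-privilege permission declarations and redaction of captured data) can be checked mechanically before a skill is installed or a capture is forwarded. The following is an added example written for this page; it is not Socket's audit tooling and not code from the figma-design-generate skill. The permission syntax (Bash(...), Read, Write, Read(path)) is an assumption that mirrors the notation quoted in the alert rather than any published manifest schema, and the audited-command allowlist and sample inputs are constructed for illustration.

```python
import re

# Permission strings in the style the alert quotes. The exact manifest syntax
# is an assumption for this example; it follows the alert's notation, not a
# published schema.
SAMPLE_DECLARED = ["Bash(*)", "Read", "Write", "Bash(npm run build)"]

# Shell commands the operator has reviewed and is willing to allow (constructed).
AUDITED_COMMANDS = {"npm run build", "npm run serve"}


def audit_permissions(declared, audited_commands=AUDITED_COMMANDS):
    """Return a list of (permission, severity, reason) tuples.

    Shell wildcards are high risk (arbitrary host command execution),
    unrestricted Read/Write and un-audited shell commands are medium,
    path-scoped filesystem access and allowlisted commands are ok.
    """
    findings = []
    for perm in declared:
        m = re.fullmatch(r"Bash\((.*)\)", perm)
        if m:
            cmd = m.group(1).strip()
            if cmd in ("*", ""):
                findings.append((perm, "high", "arbitrary host command execution"))
            elif cmd not in audited_commands:
                findings.append((perm, "medium", "shell command not on audited allowlist"))
            else:
                findings.append((perm, "ok", "audited command"))
        elif perm in ("Read", "Write"):
            findings.append((perm, "medium", f"unrestricted {perm} over the host filesystem"))
        elif re.fullmatch(r"(Read|Write)\(.+\)", perm):
            findings.append((perm, "ok", "path-scoped filesystem access"))
        else:
            findings.append((perm, "unknown", "unrecognised permission"))
    return findings


def max_severity(findings):
    """Collapse a findings list to the single worst severity label."""
    order = {"ok": 0, "unknown": 1, "medium": 2, "high": 3}
    return max((f[1] for f in findings), key=order.__getitem__, default="ok")


# Redaction patterns for secrets that commonly end up in captured page state:
# bearer tokens, key=value secrets in URLs or bodies, and card-like digit runs.
REDACTION_PATTERNS = [
    (re.compile(r"(?i)(authorization:\s*bearer\s+)[A-Za-z0-9._\-]+"), r"\1[REDACTED]"),
    (re.compile(r"(?i)\b(token|api[_-]?key|secret)=([^&\s\"']+)"), r"\1=[REDACTED]"),
    # 13 to 16 digits with optional single spaces or hyphens between them.
    (re.compile(r"\b\d(?:[ -]?\d){12,15}\b"), "[REDACTED-PAN]"),
]


def redact_capture(text):
    """Scrub known secret shapes from a capture before it leaves the host."""
    for pattern, repl in REDACTION_PATTERNS:
        text = pattern.sub(repl, text)
    return text


if __name__ == "__main__":
    for perm, sev, reason in audit_permissions(SAMPLE_DECLARED):
        print(f"{sev:7} {perm:22} {reason}")
    print("overall:", max_severity(audit_permissions(SAMPLE_DECLARED)))
    print(redact_capture("Authorization: Bearer abc.def-123"))
    print(redact_capture("https://example.test/cb?token=s3cr3t&next=/"))
```

A gating step in an install or capture pipeline would refuse to proceed when max_severity returns "high", and would run redact_capture over serialized DOM text and request headers before anything is posted to an intermediary service. The pattern list is deliberately conservative; real deployments extend it with the application's own session cookie and header names.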