figma-driven-nextjs
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from Figma files and Figma MCP data to drive code generation, creating a potential surface for indirect prompt injection.
- Ingestion points: Figma links and MCP data feeds provided by the user as triggers for component and token generation.
- Boundary markers: No explicit delimiters or instructions to ignore embedded prompts within the Figma metadata are present in the skill definition.
- Capability inventory: The skill generates multiple project files including TypeScript components, style tokens, and configuration files, though it does not execute code directly.
- Sanitization: There is no evidence of input validation or sanitization for design tokens or component names extracted from the external Figma data source.
Audit Metadata