figma-diagram-design

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • [PROMPT_INJECTION] (SAFE): No instructions to override system prompts, bypass safety filters, or extract system instructions were detected.
  • [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were found. The use of Figma-related domains is consistent with the skill's purpose.
  • [REMOTE_CODE_EXECUTION] (SAFE): There are no remote script downloads, package installations, or dynamic code execution patterns.
  • [INDIRECT_PROMPT_INJECTION] (INFO): The skill has an indirect prompt injection surface because it ingests and parses diagram structures (untrusted data). However, its capabilities are restricted to applying Mermaid classes and formatting output text for display, which places it in the lowest risk tier (INFO).
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 05:25 AM