implement-design
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads graphical assets (images, icons, SVGs) from the Figma MCP server's local endpoint. This is documented neutrally as it targets a well-known service integration through the whitelisted localhost domain.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection where malicious instructions within the design data could override agent behavior.
- Ingestion points: Design data and metadata retrieved from the Figma API via get_design_context and get_metadata tools.
- Boundary markers: Absent; there are no delimiters or instructions to treat ingested design content as untrusted data.
- Capability inventory: The agent has the ability to write source code and save binary assets to the local project directory.
- Sanitization: Absent; the skill does not define validation or escaping for text content extracted from Figma before implementation.
Audit Metadata