figma-to-code
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with the official Figma REST API (api.figma.com) to retrieve design node information. This interaction targets a well-known service and is necessary for the skill's intended functionality.
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection because it processes external data from API responses and design tokens.
  - Ingestion points: Design data fetched from the Figma REST API and user-supplied design tokens.
  - Boundary markers: No specific delimiters are mentioned in the instructions for separating design data from the agent's internal instructions.
  - Capability inventory: The skill is restricted to data retrieval via curl and generating component code; it does not execute external code or modify sensitive system files.
  - Sanitization: No explicit sanitization or input validation for external design data is specified in the skill's guidelines.
Audit Metadata