figma-generate-component
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- PROMPT_INJECTION (MEDIUM): The skill processes untrusted external content from Figma designs, creating an Indirect Prompt Injection surface.
- Ingestion points: Design structure, layer names, and component properties retrieved via the Figma MCP server (SKILL.md).
- Boundary markers: Absent. The skill does not define delimiters or provide 'ignore embedded instructions' warnings for the data retrieved from Figma.
- Capability inventory: The skill generates production-ready code (React, Vue, HTML/CSS) that is written into the user's codebase, so instructions smuggled into the design data could cause backdoors, malicious scripts, or unexpected network calls to be emitted as part of the generated component.
- Sanitization: There is no evidence of sanitization or validation of the text and metadata extracted from Figma before it is interpolated into the code generation prompt.
Audit Metadata