Figma Mobile

Security checks across malware telemetry and agentic risk

Overview

This Figma-to-mobile-code skill mostly fits its purpose, but it teaches the agent to collect a Figma access token in chat and save it locally without adequate safeguards.

Review before installing. Use this skill only if you are comfortable running local Node scripts that call Figma and optionally scan selected project resources. Do not paste a real Figma token into chat; configure FIGMA_TOKEN through a secure environment or secret manager, keep any .env out of version control, rotate the token if exposed, and review feedback-log.md or scan-report.json before committing or sharing the project.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding
The skill explicitly tells the agent to ask the user to paste a Figma personal access token into chat and then write it into a local .env file. Collecting secrets through natural-language chat creates transcript exposure risk, and persisting them locally increases the chance of leakage via logs, shell history, backups, or repository accidents.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The README instructs users to place a Figma personal access token in an environment variable or root .env file, but provides no warning that the token is sensitive, should not be committed, and should be stored using standard secret-handling practices. In agent-driven or repo-based workflows, this omission increases the chance of accidental credential exposure through source control, logs, prompts, or shared workspaces.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The skill recommends automatically recording user feedback into feedback-log.md without warning that those entries may contain proprietary UI details, snippets, or other sensitive project context. Silent persistence of conversational/project content creates data-retention and unintended disclosure risk, especially in shared repositories or workspaces.

Missing User Warnings

Severity: High
Confidence: 99%
Finding
This instruction asks the user to paste a Figma token into chat and then save it to .env, but provides no meaningful security warning about transcript exposure or secret storage risks. The combination normalizes insecure secret handling and can directly lead to credential compromise.

Ssd 3

Severity: High
Confidence: 99%
Finding
Having users disclose an access token in natural-language chat and then persist it locally is a classic secret-handling anti-pattern. In this skill's context, the danger is elevated because the token grants live access to external Figma resources and the workflow normalizes insecure credential exchange.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal