Figma

Pass. Audited by ClawScan on May 1, 2026.

Overview

The artifacts are coherent for a Membrane-powered Figma integration, with expected but notable OAuth, CLI installation, and Figma data mutation capabilities.

Before installing, verify that the Membrane CLI package and account are trustworthy, connect only the intended Figma workspace, and ask the agent to confirm before reading full files or posting/deleting comments. Revoke the Membrane/Figma connection when you no longer need the integration.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the CLI allows local commands to communicate with Membrane and Figma on the user's behalf.

Why it was flagged

The setup asks for a global npm CLI install pinned only to the latest release. This is user-directed and central to the Membrane workflow, but future package changes affect what runs locally.

Skill content

npm install -g @membranehq/cli@latest

Recommendation

Install only from the official package source, consider pinning a reviewed version, and avoid running the CLI with elevated privileges unless necessary.

What this means

A connected account may allow the agent, through Membrane, to access Figma data available to that account.

Why it was flagged

The skill relies on delegated authentication and ongoing credential refresh through Membrane. This is expected for Figma access, but it is sensitive account authority.

Skill content

Membrane handles authentication and credentials refresh automatically

Recommendation

Connect only the intended Figma/Membrane account, prefer least-privilege access where possible, and revoke the connection when finished.

What this means

If used incorrectly, the agent could post or remove comments in Figma files visible to collaborators.

Why it was flagged

The action catalog includes Figma comment mutation actions. These are purpose-aligned for a Figma management integration, but they can change collaborative workspace content.

Skill content

| Delete Comment | delete-comment | Deletes a specific comment. |
| ... |
| Post Comment | post-comment | Posts a new comment on a file. |

Recommendation

Require clear user intent before posting or deleting comments, and review the target file/comment before executing mutating actions.

Note, Medium Confidence

ASI01: Agent Goal Hijack

What this means

Remote setup guidance could influence what the agent does during connection handling.

Why it was flagged

The skill allows Membrane connection responses to include instructions for the agent. This is plausible for setup flows, but external instructions should not override the user's goal.

Skill content

`clientAction.agentInstructions` (optional) — instructions for the AI agent on how to proceed programmatically.

Recommendation

Treat returned agent instructions as setup hints only, and ignore anything that conflicts with the user's request or asks for unrelated actions.