Skill v1.0.2
ClawScan security
figma-design-analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict: Suspicious (Apr 14, 2026, 7:39 AM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code implements Figma analysis and export features as described, but the package/registry metadata omits the required FIGMA_ACCESS_TOKEN and there are a few minor scope/permission mismatches you should consider before installing.
- Guidance. What to check before installing/use:
  - Required token: SKILL.md and the code require FIGMA_ACCESS_TOKEN but the registry metadata did not declare this. Expect to provide a Figma personal access token.
  - Token safety: Treat that token like a secret — create a token with minimal access, run the tool in an isolated environment, and revoke it if you are unsure. The token lets the skill read files accessible to your Figma account.
  - Local file reads/writes: The compare command reads arbitrary local file paths you supply; do not pass sensitive system files. The skill writes exports/reports into figma-exports/ under the process CWD.
  - Network behavior: All network calls go to api.figma.com (expected). If you see any other network endpoints in a future version, investigate before use.
  - Code review & dependency audit: The source is present — review the modules for any unexpected behavior and run npm audit on dependencies before installing. Running in a disposable container or VM is recommended for first use.
  - Metadata mismatch: Because the registry metadata omitted the required env var, consider asking the publisher to correct the skill manifest or only use the repository after verifying the code.
  If you are comfortable with these points and grant only the FIGMA token you intend to use, the implementation otherwise appears consistent with its stated purpose.
Review Dimensions
- Purpose & Capability (note): The skill name/description match the included code: it calls Figma APIs, extracts colors/fonts/spacing, exports screenshots, and compares CSS files. Declared dependencies (axios, sharp, commander, etc.) are appropriate for these tasks. The main mismatch is that the registry metadata lists no required env vars or primary credential, while both SKILL.md and the code require a FIGMA_ACCESS_TOKEN.
- Instruction Scope (note): SKILL.md and the CLI instruct the user/agent to set FIGMA_ACCESS_TOKEN, run npm install, and then call CLI commands. The runtime instructions and code read user-provided implementation files (CSS or other file paths), fetch many endpoints under api.figma.com, and write exported images/reports to disk (figma-exports/...). These actions are within the described purpose, but the skill will read local files you point it to (potentially arbitrary paths) and will load a .env file via dotenv if present.
- Install Mechanism (ok): There is no scripted install spec in the registry (instruction-only), but package.json and README instruct an npm install. Dependencies are standard public packages from npm — no obscure download URLs or archive extraction. Installing will fetch packages from the public npm registry (normal, but with the typical npm supply-chain risks).
- Credentials (concern): The skill requires a Figma personal access token (FIGMA_ACCESS_TOKEN) in SKILL.md and uses it throughout the code (axios X-Figma-Token header). However, the registry metadata declared no required env vars and no primary credential — an inconsistency. The skill also loads .env via dotenv, and will access any local implementation file path you pass for comparison. Requesting a single Figma token is proportionate to the purpose, but the metadata should explicitly list that credential, and the user should be aware that the token grants API access to every file visible to that account.
- Persistence & Privilege (ok): The skill is not always-enabled and allows autonomous invocation (default). It writes export files and reports to the current working directory (creates figma-exports/*). It does not attempt to modify other skills or system-wide agent config. Writing files to disk is expected for an exporter, but you should be aware of the output locations.
