Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
figma-desktop
v1.0.1 Figma Desktop MCP Skill - access the full feature set through the Figma desktop app's local MCP service, including Figma Make design generation, code generation and design system management, with no OAuth authentication required
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)
Purpose & Capability
The name/description claim to access Figma's local MCP server and expose Figma Make / code generation features. The SKILL.md explicitly instructs using the local URL (http://127.0.0.1:3845/mcp) and mcporter to call those endpoints, and asks you to run the Figma desktop app in Dev Mode. These requirements are coherent with the stated purpose.
Instruction Scope
Instructions stay within the claimed scope: enabling Figma's MCP server, installing mcporter, and making calls to local endpoints. The SKILL.md does not instruct reading arbitrary system files or environment variables. However, enabling MCP and giving a client (mcporter) access to localhost:3845 effectively exposes your currently open documents, selections, and design content to that tool — this is an important privacy/authority implication that the user should understand.
Install Mechanism
The registry has no formal install spec, but the runtime instructions direct the user to run `npm install -g mcporter`. Installing a global npm package from an unspecified source is a moderate-to-high risk: the skill provides no provenance, checksum, or link to the mcporter project repository. While installing Figma via Homebrew or the official download is standard, the unvetted npm package is the primary install risk here.
Credentials
The skill declares no required environment variables or credentials and the instructions do not request additional secrets. That is proportionate. Nevertheless, enabling the local MCP server grants substantial local access to your Figma data and may rely on the running Figma application's authentication/session state — effectively providing access to potentially sensitive design data without OAuth. The skill does not request unrelated credentials, which is good.
Persistence & Privilege
The skill is instruction-only, has no install spec in the registry, does not request 'always: true', and does not attempt to modify other skills or system config. The default ability for the agent to invoke the skill autonomously remains enabled (platform default); combined with local MCP access this increases blast radius, but autonomy alone is not a disqualifying issue.
What to consider before installing
This skill appears to do what it claims — it connects to the Figma desktop MCP server and issues local calls — but exercise caution before installing/using it. Key points to consider:
- mcporter is the only third-party software you are instructed to install; verify its origin. Check the npm package page, repository URL, maintainer, recent downloads, and source code before running `npm install -g mcporter`.
- Enabling the MCP server and allowing a client to talk to http://127.0.0.1:3845 gives that client access to whatever design files you have open (selections, nodes, styles). Only use this on machines and projects you trust.
- Prefer to run mcporter in a controlled environment (container or VM) if you cannot verify its provenance, or ask the skill author for a vetted repository link and checksums.
- When not actively using this skill, disable MCP in Figma or do not run the mcporter client. Be cautious about allowing the agent to invoke the skill autonomously while sensitive files are open.
If the skill author can supply a link to the mcporter source (GitHub repo) and a clear chain of custody for that package, the concerns above would be materially reduced.