figma-desktop

Security checks across malware telemetry and agentic risk

Overview

This is a Figma Desktop MCP setup guide with expected access to the user's open Figma files and no hidden executable behavior.

Install only if you are comfortable letting an agent use your logged-in Figma Desktop session for files you open. Avoid confidential designs when testing, verify the mcporter package source, keep MCP disabled when not needed, and confirm before running optimize, sync, or generation commands that may change design or project state.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The skill documents synchronization actions such as syncing code to design and design system sync without clearly warning that these operations may modify Figma files or connected code artifacts. In a tool that bridges live design state and code, users may assume operations are read-only and unintentionally overwrite or alter important assets.

Missing User Warnings

Low

Confidence: 82% confidence
Finding: The skill promotes access to a local Figma MCP server and highlights convenience, but does not clearly warn that tool calls can transmit currently open file context, selections, styles, variables, and other design metadata to the local MCP service and onward through the agent workflow. This can cause unintended disclosure of sensitive design or product information, especially when users assume localhost access implies no privacy risk.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal