Trust Assessment
figma received a trust score of 29/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 8 findings: 0 critical, 2 high, 6 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Suspicious import: requests, Potential data exfiltration: file read + network send.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 5acc5677). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (8)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential data exfiltration: file read + network send. Function 'download_image' reads files and sends data over the network. This may indicate data exfiltration. Review this function to ensure file contents are not being sent to external servers. | Static | skills/maddiedreese/figma/scripts/figma_client.py:166 |
| HIGH | Path Traversal in Output Directory Creation. The `ExportManager` in `export_manager.py` constructs file paths and creates directories using a user-configurable `output_dir`. If a malicious user provides a path containing traversal sequences (e.g., `../../`), files could be written to arbitrary locations on the filesystem. This can lead to data corruption, denial of service, or potentially remote code execution if combined with other vulnerabilities. Sanitize the `output_dir` input to prevent path traversal. Ensure the path is normalized and does not escape the intended base directory. A common approach is to resolve the path and check that it remains within a designated safe export root, or to disallow path separators in the input. | LLM | scripts/export_manager.py:39 |
| MEDIUM | Unsafe deserialization / dynamic eval. Decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/maddiedreese/figma/scripts/export_manager.py:537 |
| MEDIUM | Suspicious import: requests. Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/maddiedreese/figma/scripts/figma_client.py:11 |
| MEDIUM | Unpinned Python dependency version. Requirement 'requests>=2.31.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/maddiedreese/figma/requirements.txt:1 |
| MEDIUM | Unpinned Python dependency version. Requirement 'aiohttp>=3.9.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/maddiedreese/figma/requirements.txt:2 |
| MEDIUM | Unpinned Python dependency version. Requirement 'pathlib' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/maddiedreese/figma/requirements.txt:3 |
| MEDIUM | Unpinned or Loosely Pinned Dependencies. The `requirements.txt` file uses loose version specifiers (e.g., `>=2.31.0`) for `requests` and `aiohttp`. This practice can lead to non-deterministic builds and introduces a supply chain risk, as future installations might pull in newer, potentially vulnerable, or incompatible versions of these libraries without explicit review. It is best practice to pin dependencies to exact versions or use a more restrictive range (e.g., `~=X.Y`). Pin all dependencies to exact versions (e.g., `requests==2.31.0`) or use a more restrictive version range (e.g., `requests~=2.31.0`) to ensure consistent and secure builds. Regularly update and review pinned dependencies for security patches. | LLM | requirements.txt:1 |
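The HIGH path-traversal finding recommends resolving the requested `output_dir` and checking that it stays inside a designated export root. The following is an added example of that check, written for this report and not taken from the figma skill's `export_manager.py`: the export root `/tmp/figma-exports`, the function names `safe_output_dir` and `create_output_dir`, and the sample inputs are all assumptions. It handles the three ways an input can escape the root that a plain string check misses: `..` segments, an absolute path (which `Path.__truediv__` would let replace the root entirely), and a symlink inside the root that points elsewhere.

```python
from pathlib import Path

# Assumed export root for this example; the page does not show ExportManager's default.
EXPORT_ROOT = Path("/tmp/figma-exports")


def safe_output_dir(user_output_dir: str, root: Path = EXPORT_ROOT) -> Path:
    """Resolve `user_output_dir` beneath `root`, rejecting anything that escapes it.

    1. An absolute input is re-rooted: Path("/tmp/x") / "/etc" would otherwise
       discard root entirely and yield "/etc".
    2. Both sides are resolve()d so '..' segments and symlinks collapse to real
       paths before comparing. resolve() is non-strict by default, so the
       directory does not need to exist yet.
    3. root must be the candidate itself or one of its parents.
    """
    root_resolved = root.resolve()
    rel = Path(user_output_dir)
    if rel.is_absolute():
        rel = Path(*rel.parts[1:])  # drop the "/" (or drive) anchor
    candidate = (root_resolved / rel).resolve()
    if candidate != root_resolved and root_resolved not in candidate.parents:
        raise ValueError(f"output_dir {user_output_dir!r} escapes export root {root_resolved}")
    return candidate


def create_output_dir(user_output_dir: str, root: Path = EXPORT_ROOT) -> Path:
    """Validate first, then create the directory (the step the finding locates at line 39)."""
    target = safe_output_dir(user_output_dir, root)
    target.mkdir(parents=True, exist_ok=True)
    return target


if __name__ == "__main__":
    # Constructed inputs: values a caller might pass as output_dir.
    for requested in ["icons/2024", "a/../b", "", "../../etc/cron.d", "/etc/cron.d"]:
        try:
            print(f"{requested!r:20} -> {safe_output_dir(requested)}")
        except ValueError as exc:
            print(f"{requested!r:20} -> rejected: {exc}")
```

Re-rooting an absolute input (rather than rejecting it) is a design choice; if callers never legitimately pass absolute paths, raising on `rel.is_absolute()` is the stricter option. The symlink case is why the check compares resolved paths rather than the lexically normalized string: `root/link/cron.d` looks fine until `link` is followed.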
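The four dependency findings all turn on how a `requirements.txt` line is pinned. As an added example (not part of the report or the skill), here is a small checker that classifies each line: an exact `==`/`===` pin, a loose specifier such as `>=2.31.0` or `~=42.0`, no specifier at all, or a name that shadows a standard-library module. That last check is relevant to the third flagged line: `pathlib` has been in the standard library since Python 3.4, so a `pathlib` entry in requirements.txt pulls in a PyPI package the skill does not need. The sample input reproduces the three lines the report cites (requirements.txt:1-3) and adds constructed lines to exercise the other cases; `check_requirement` and `audit_requirements` are names chosen for this example. URL and VCS requirements are out of scope.

```python
import re
import sys

# Constructed sample: the three lines the report flags (requirements.txt:1-3)
# followed by extra lines, invented here, that exercise the other cases.
SAMPLE_REQUIREMENTS = """\
requests>=2.31.0
aiohttp>=3.9.0
pathlib
# constructed extras, not from the skill's requirements.txt:
urllib3==2.2.1
cryptography~=42.0 ; python_version >= "3.8"
numpy==1.26.*
-r dev-requirements.txt
"""

NAME_RE = re.compile(r"^([A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)(\[[^\]]*\])?")
CLAUSE_RE = re.compile(r"(===|==|~=|!=|<=|>=|<|>)\s*([^\s,]+)")
STDLIB = getattr(sys, "stdlib_module_names", frozenset())  # available on Python 3.10+


def check_requirement(line: str):
    """Classify one requirements.txt line.

    Returns None for blank, comment and pip option lines ("-r ...", "--index-url ...");
    otherwise (distribution name, verdict) with verdict one of
    'pinned', 'loose: <spec>', 'unpinned: no version specifier',
    'stdlib name: remove from requirements' or 'unparseable'.
    """
    body = line.split("#", 1)[0].strip()
    if not body or body.startswith("-"):
        return None
    body = body.split(";", 1)[0].strip()  # drop environment markers
    m = NAME_RE.match(body)
    if not m:
        return (body, "unparseable")
    name = m.group(1)
    if name.lower().replace("-", "_") in STDLIB:
        return (name, "stdlib name: remove from requirements")
    clauses = CLAUSE_RE.findall(body[m.end():])
    if not clauses:
        return (name, "unpinned: no version specifier")
    for op, ver in clauses:
        # "==1.26.*" is a prefix match, not an exact pin, so it stays "loose".
        if op in ("==", "===") and not ver.endswith(".*"):
            return (name, "pinned")
    return (name, "loose: " + ",".join(op + ver for op, ver in clauses))


def audit_requirements(text: str):
    """Run check_requirement over every line; returns a list of (name, verdict)."""
    results = []
    for line in text.splitlines():
        verdict = check_requirement(line)
        if verdict is not None:
            results.append(verdict)
    return results


if __name__ == "__main__":
    for name, verdict in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"{name:14} {verdict}")
```

Exact pins only fix the version, not the artifact; to also guard against a re-uploaded or substituted package, generate the file with hashes (`pip-compile --generate-hashes` or `pip hash`) and install with `pip install --require-hashes`.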
Full report: https://skillshield.io/report/00720be3650d3d69