Skip to content
ai-supply.store
ОбзорКатегорииРейтингиСообществоAgent APIFAQ
ВойтиБесплатная регистрация
catalog / Coding / Framelink Figma MCP Server
◇MCP serverCodingFree

Framelink Figma MCP Server

Gives AI coding agents structured Figma layout data to implement designs accurately in any framework.

@ai-supply
Установки232
↗ Исходный репозиторий
← More CodingCoding leaderboard →How we grade security →Source ↗

Framelink Figma MCP Server

Figma-Context-MCP (Framelink) is a Model Context Protocol server that gives AI coding agents like Cursor and Claude structured access to your Figma design files.

When you point the agent at a Figma file, frame, or component, the server fetches the relevant layout, styling, and layer metadata and simplifies it into a compact, agent-friendly format. This lets the model implement a design accurately in one shot rather than guessing from a screenshot.

It is aimed at frontend developers who use AI coding tools and want design-to-code output that faithfully matches their Figma layouts across any framework.

Rating rank
#1
of 27 in Coding
Install rank
#27
of 27 in Coding
Security score
0/100 · D
review
Security rank
#24
of 27 in Coding
Installs
232
cat avg 157k
This listing vs category average
Installs
this
cat avg
Security (of 100)
this
cat avg
Adoption trend
See the Coding leaderboard →
! Security: Review · 00/100 · grade Dscanned 17h ago
⚠ 2 compromise signals19 risk-surface · 8/20 OWASP controls flagged

Compromise signals — malicious or tampered code (leaked secrets, backdoors, a dropped executable) — reduce the score, and known dependency CVEs carry a bounded penalty (they warrant review but never QUARANTINE — update the dependency to clear). Other dangerous-by-capability traits are risk surface, expected for some capabilities. Every finding is mapped to its OWASP control below.

What this capability can do · high confidence (static)
Tools (4)
benchmark-simplifyfigma-developer-mcpfetchget_figma_data
⚑ filesystem⚑ shell⚑ network⚑ secrets
egress → registry.npmjs.org, www.conventionalcommits.org, help.figma.com, www.framelink.ai, framelink.ai, npmcharts.com, img.shields.io, twitter.com +14

Findings mapped to the OWASP Top 10 for LLM Applications (2025) and the OWASP Machine Learning Security Top 10. Expand any flagged control for the exact findings — compromise reduces the score; expected/risk-surface do not.

OWASP Top 10 for LLM Applications
⚠LLM02Sensitive Information Disclosurecompromise · high
Secrets, credentials or PII shipped inside the artifact.
•Embedded credentials — found: hardcoded credential · GLips-Figma-Context-MCP-c083d65/src/telemetry/client.ts (CWE-798)compromise
•Verified secret leak (deep scan) — 1 leak(s): generic-api-key (CWE-798)compromise
⚠LLM07System Prompt Leakagecompromise · high
Secrets, internal hosts or proprietary logic exposed in shipped prompts.
•Embedded credentials — found: hardcoded credential · GLips-Figma-Context-MCP-c083d65/src/telemetry/client.ts (CWE-798)compromise
•Verified secret leak (deep scan) — 1 leak(s): generic-api-key (CWE-798)compromise
⚠LLM03Supply Chaincritical
Vulnerable/compromised dependencies, models or archives in the artifact.
•Dependency manifest — 31 npm dependencies declared · GLips-Figma-Context-MCP-c083d65/package.jsonrisk surface
•Vulnerable dependencies — 54 known vulnerabilities in: @hono/node-server@1.19.10, brace-expansion@1.1.12, brace-expansion@2.0.2, brace-expansion@5.0.4, esbuild@0.27.3, express-rate-limit@8.2.1, fast-uri@3.1.0, file-type@16.5.4 (CWE-1395)known CVE · -25 pts
⚠LLM05Improper Output Handlinghigh
Code that pipes model/user output into shell, eval, SQL or paths unsafely.
•Path traversal sequences — '../' present in content or name · GLips-Figma-Context-MCP-c083d65/scripts/benchmark-simplify.ts (CWE-22)risk surface
•Suspicious code patterns — child_process exec; dynamic code execution · GLips-Figma-Context-MCP-c083d65/scripts/scan-hidden-chars.mjs (CWE-78)risk surface
•Suspicious code patterns — environment/secret exfiltration · GLips-Figma-Context-MCP-c083d65/src/bin.ts (CWE-200)risk surface
•Suspicious code patterns — unsafe yaml.load · GLips-Figma-Context-MCP-c083d65/src/tests/integration.test.ts (CWE-502)risk surface
•Suspicious code patterns — child_process exec · GLips-Figma-Context-MCP-c083d65/src/tests/server.test.ts (CWE-78)risk surface
•Suspicious code patterns — dynamic code execution · GLips-Figma-Context-MCP-c083d65/src/transformers/text.ts (CWE-95)risk surface
⚠LLM06Excessive Agencyhigh
Over-broad tool/permission surface or unrestricted egress.
•External endpoints declared — 1 distinct host(s) · GLips-Figma-Context-MCP-c083d65/.env.examplerisk surface
•Egress to a private/loopback host — 127.0.0.1 · GLips-Figma-Context-MCP-c083d65/.github/ISSUE_TEMPLATE/bug_report.md (CWE-918)risk surface
•External endpoints declared — 2 distinct host(s) · GLips-Figma-Context-MCP-c083d65/.github/workflows/release.ymlrisk surface
•Broad capability surface — 4 high-impact capability categories referenced — verify least-privilege · GLips-Figma-Context-MCP-c083d65/CLAUDE.md (CWE-272)risk surface
•External endpoints declared — 6 distinct host(s) · GLips-Figma-Context-MCP-c083d65/CONTRIBUTING.mdrisk surface
•External endpoints declared — 14 distinct host(s) · GLips-Figma-Context-MCP-c083d65/README.mdrisk surface
•Broad capability surface — 3 high-impact capability categories referenced — verify least-privilege · GLips-Figma-Context-MCP-c083d65/pnpm-lock.yaml (CWE-272)risk surface
•External endpoints declared — 3 distinct host(s) · GLips-Figma-Context-MCP-c083d65/server.jsonrisk surface
⚠LLM10Unbounded Consumptionmedium
Unbounded loops/recursion causing DoS or runaway cost.
Enforced at runtime by the gateway (rate limits + spend caps + size caps); static check flags unbounded loops.
•Potentially unbounded loop — an infinite loop (while True / while(1) / for(;;)) may cause runaway consumption · GLips-Figma-Context-MCP-c083d65/src/utils/common.ts (CWE-835)risk surface
§LLM09MisinformationGovernance
Artifacts designed to produce false/deceptive output.
Detectable only by runtime behavioral evaluation; addressed via responsible-use attestation.
✓LLM01Prompt InjectionPassed
✓LLM04Data and Model PoisoningPassed
Backdoors/poisoning in training data or serialized models.
Behavioral poisoning needs model execution; static check covers unsafe serialization + dataset skew only.
✓LLM08Vector and Embedding WeaknessesPassed
PII or plaintext source leakage in embedding/vector exports.
Embedding inversion/poisoning is largely runtime; static check covers PII in vector exports.
OWASP Machine Learning Security Top 10
⚠ML06AI Supply Chaincritical
Compromised PyPI/npm packages, typosquats, unsafe serialized models.
•Dependency manifest — 31 npm dependencies declared · GLips-Figma-Context-MCP-c083d65/package.jsonrisk surface
•Vulnerable dependencies — 54 known vulnerabilities in: @hono/node-server@1.19.10, brace-expansion@1.1.12, brace-expansion@2.0.2, brace-expansion@5.0.4, esbuild@0.27.3, express-rate-limit@8.2.1, fast-uri@3.1.0, file-type@16.5.4 (CWE-1395)known CVE · -25 pts
⚠ML09Output Integrityhigh
Middleware tampering with model outputs in transit.
Gateway enforces TLS + response integrity; static check flags output-rewriting code.
•Path traversal sequences — '../' present in content or name · GLips-Figma-Context-MCP-c083d65/scripts/benchmark-simplify.ts (CWE-22)risk surface
•Suspicious code patterns — child_process exec; dynamic code execution · GLips-Figma-Context-MCP-c083d65/scripts/scan-hidden-chars.mjs (CWE-78)risk surface
•Suspicious code patterns — environment/secret exfiltration · GLips-Figma-Context-MCP-c083d65/src/bin.ts (CWE-200)risk surface
•Suspicious code patterns — unsafe yaml.load · GLips-Figma-Context-MCP-c083d65/src/tests/integration.test.ts (CWE-502)risk surface
•Suspicious code patterns — child_process exec · GLips-Figma-Context-MCP-c083d65/src/tests/server.test.ts (CWE-78)risk surface
•Suspicious code patterns — dynamic code execution · GLips-Figma-Context-MCP-c083d65/src/transformers/text.ts (CWE-95)risk surface
§ML01Input Manipulation (Adversarial)Governance
Models vulnerable to adversarial perturbations.
Requires runtime robustness evaluation; addressed via publisher robustness attestation.
§ML03Model InversionGovernance
Training data reconstructable from a model's outputs.
Runtime/evaluation property; addressed via model-card data-provenance + DP attestation.
§ML04Membership InferenceGovernance
Determining whether a record was in the training set.
Runtime/evaluation property; addressed via overfitting disclosure + DP attestation.
§ML08Model SkewingGovernance
Models trained on skewed data producing biased output.
Requires fairness evaluation; addressed via model-card bias/limitations disclosure.
✓ML02Data PoisoningPassed
Poisoned training datasets with triggers or anomalous distributions.
Static check covers trigger phrasing, PII and label skew; full poisoning detection is runtime.
✓ML05Model TheftPassed
Unlicensed re-distribution / license-incompatible derivatives.
Static check verifies license declaration; extraction throttling is runtime.
✓ML07Transfer Learning AttackPassed
Backdoored base models / LoRA adapters propagating to derivatives.
Backdoor detection needs behavioral probing; static check covers unsafe serialization + provenance.
✓ML10Model Poisoning (Weights)Passed
Tampered model weight files; integrity must be verifiable.
Static check enforces safe formats + records a content hash for downstream verification.
Other findings (8) · hygiene / uncategorized
•Suspicious network references — raw IP URL (2 URLs) · GLips-Figma-Context-MCP-c083d65/.github/ISSUE_TEMPLATE/bug_report.mdrisk surface
•Unrecognized file type — '.gitignore' is not on the allowlist · GLips-Figma-Context-MCP-c083d65/.gitignorerisk surface
•Unrecognized file type — '.nvmrc' is not on the allowlist · GLips-Figma-Context-MCP-c083d65/.nvmrcrisk surface
•Unrecognized file type — '.prettierrc' is not on the allowlist · GLips-Figma-Context-MCP-c083d65/.prettierrcrisk surface
•Unrecognized file type — '.?' is not on the allowlist · GLips-Figma-Context-MCP-c083d65/LICENSErisk surface
•Unrecognized file type — '.mjs' is not on the allowlist · GLips-Figma-Context-MCP-c083d65/scripts/scan-hidden-chars.mjsrisk surface
•Suspicious network references — raw IP URL (4 URLs) · GLips-Figma-Context-MCP-c083d65/src/tests/http-header-auth.test.tsrisk surface
•Suspicious network references — raw IP URL (10 URLs) · GLips-Figma-Context-MCP-c083d65/src/tests/server.test.tsrisk surface
✔ verified source · pinned GLips-Figma-Context-MCP-c083d65 · changed since last scan (-16 pts)
Check against a policy

The same gate an agent runs before installing (POST /api/v1/trust/figma-context-mcp/check). Click a policy:

Consume Framelink Figma MCP Server programmatically. Authenticate with an API key or session — see Authorize an agent.

# Agents: CHECK BEFORE YOU INSTALL (no auth) — score, grade, level, capability manifest
curl https://ai-supply.store/api/v1/trust/figma-context-mcp

# Gate against your org policy (returns { pass, violations })
curl -X POST https://ai-supply.store/api/v1/trust/figma-context-mcp/check \
  -H "Content-Type: application/json" \
  -d '{"minGrade":"B","denyPermissions":["shell"],"denyUnknownEgress":true}'

# CLI
npx ai-supply add figma-context-mcp

# REST (install → download)
curl -X POST https://ai-supply.store/api/v1/listings/figma-context-mcp/install \
  -H "Authorization: Bearer $AIM_KEY"

# MCP tool
install_listing({ "slug": "figma-context-mcp" })
OpenAPI spec →
vlatest
! Security: Review · 01d ago

Curated mirror — latest upstream source. See the repository for tagged releases.

Sign in and install this listing to leave a review.

More from @ai-supply

View profile →
◉Agent
MetaGPT
Multi-agent framework that assigns GPT roles (PM, engineer, QA) to solve complex software tasks end-to-end.
↓ 1.0M
⇄Connector
vLLM
High-throughput, memory-efficient LLM inference engine with PagedAttention and continuous batching.
↓ 892k
⇄Connector
Meilisearch
Lightning-fast open-source search engine with typo-tolerance, semantic hybrid search, and sub-50ms response times.
↓ 811k
△Eval
Weights & Biases (wandb)
ML experiment tracking and visualization — log metrics, hyperparameters, models, and media in real time.
↓ 784k
ai-supply.store

Бесплатные AI-возможности с проверкой безопасности — skills, MCP, плагины, агенты, датасеты и другое. У каждой своя оценка безопасности и контроль актуальности, и всё создано как для людей, так и для агентов.

api · v3.1status · all green
Контакты
support@ai-supply.storesecurity@ai-supply.store
Каталог
  • Обзор
  • Категории
  • Рейтинги
  • Бенчмарки
  • Безопасность
Сообщество
  • Сообщество
  • FAQ
Для агентов
  • Быстрый старт (60s)
  • Авторизовать агента
  • Agent API
  • Спецификация OpenAPI
Для разработчиков
  • Опубликовать
  • Панель управления
Аккаунт
  • Создать аккаунт
  • Войти
  • Настройки
Правовые документы
  • Условия использования
  • Соглашение издателя
  • Правила допустимого использования
  • Конфиденциальность