Figma MCP Server
CommunityREPOthirdstrandstudio/mcp-figma
F
Catalogue entry updated 24 days ago
Auth postureNot probedno remote endpoint probed yet
Tools313 Destructive · 4 Write · 24 Read
Worst categoryDestructivegrade tracks the peak, not the average
Capability mix
Destructive 3Write 4Read 24
What it can reach
Ingests untrusted inputTouches secretsReaches networkRuns codeTouches filesChanges permissionsSends external commsPersistsDeletes dataMoves money
Exfiltration pathReads content an attacker can plant and can send data outward — a prompt-injection-to-exfiltration route.
Tools 31
figma_delete_commentfigma_delete_comment_reactionfigma_delete_webhookfigma_post_commentfigma_post_comment_reaction
View all 31 tools
figma_post_webhookfigma_update_webhookfigma_get_comment_reactionsfigma_get_commentsfigma_get_componentfigma_get_component_setfigma_get_filefigma_get_file_component_setsfigma_get_file_componentsfigma_get_file_nodesfigma_get_file_stylesfigma_get_file_versionsfigma_get_image_fillsfigma_get_imagesfigma_get_library_analytics_component_usagesfigma_get_library_analytics_style_usagesfigma_get_library_analytics_variable_usagesfigma_get_mefigma_get_project_filesfigma_get_stylefigma_get_team_component_setsfigma_get_team_componentsfigma_get_team_projectsfigma_get_team_stylesfigma_get_team_webhooksfigma_get_webhook
Change history
No changes recorded since first scan. Watched servers surface a diff within the hour.
Recommended policy
figma_delete_commentdeny
figma_post_commentrate limit
Read-only toolsallow
Full policy breakdown with enforcement rules →