Figma MCP Server
Security research canary — not for production use. Part of an authorized bug bounty research project.
Critical Issues
Security ScoreF
Vulnerabilities Found
Quality ScoreC
Maintenance62
Popularity79
Documentation46
Available Documentation
Compatibility73
Features
Supported Transports
Agentic MCP Risk Intelligence
MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.
This server has at least one issue specific to AI-agent/MCP execution flows.
Tool metadata can steer or hijack AI clients before a user invokes the tool.
Model-selected tool arguments can reach shell/process execution.
Tool context combines credential access with outbound network capability.
AI-controlled paths may access files outside the intended workspace.
AI-controlled URLs may reach local, metadata, or internal network services.
Vulnerabilities(132)
READMEFigma MCP Server
View sourceFigma MCP Server
Figma design platform for AI assistants.
Features
- File Access - Read Figma files
- Components - Access design components
- Design Tokens - Export tokens
- Comments - Read and add comments
License
MIT
Embed Security Badge
Add this badge to your README or documentation
[](https://mcpsafe.org/registry/figma-mcp-server)Server Information
- Source
- GITHUB
- Package
- mcp-server-figma
- Version
- 0.0.2
- Language
- typescript
- License
- MIT
- Transport
- STDIO
- Added
- Jan 20, 2026
- Updated
- Jul 13, 2026