Registry/Figma MCP Server

Figma MCP Server

v0.0.2
Verified

Security research canary — not for production use. Part of an authorized bug bounty research project.

By FigmaMIT
typescript
developer tools
15.4Kstars
986downloads
1.2Kforks
Scanned Jul 13, 2026
WebsiteRepositoryGITHUB
F0%
Scanned 6d ago

Critical Issues

Vulnerabilities Found
21Crit
54High
56Med
1Low
0Info

Security ScoreF

0
out of 100

Vulnerabilities Found

21
Crit
54
High
56
Medi
1
Low
0
Info
Last scanned: 7/13/2026

Quality ScoreC

64
out of 100
62
Maint.
79
Popular
46
Docs
73
Compat
Maintenance62%
Popularity79%
Documentation46%
Compatibility73%

Maintenance62

Unknown
Commit Frequency65%
Release Frequency70%
Issue Response45%

Popularity79

15.4K
Stars
986
Downloads
1.2K
Forks
Stars Score100%
Downloads Score54%
Forks Score100%

Documentation46

README Quality55%

Available Documentation

API DocsExamplesChangelog

Compatibility73

MCP Spec Compliance80%
Transport Support50%

Features

TypeScript

Supported Transports

STDIO

Agentic MCP Risk Intelligence

MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.

2
agentic findings
Agentic risk detected

This server has at least one issue specific to AI-agent/MCP execution flows.

Prompt Injection Surface
0

Tool metadata can steer or hijack AI clients before a user invokes the tool.

AI → Command Execution
0

Model-selected tool arguments can reach shell/process execution.

Secret Exfiltration Path
2

Tool context combines credential access with outbound network capability.

Unbounded Filesystem
0

AI-controlled paths may access files outside the intended workspace.

Agent SSRF
0

AI-controlled URLs may reach local, metadata, or internal network services.

Vulnerabilities(132)

21Critical
54High
56Medium
1Low
Filter:

READMEFigma MCP Server

View source

Figma MCP Server

Figma design platform for AI assistants.

Features

  • File Access - Read Figma files
  • Components - Access design components
  • Design Tokens - Export tokens
  • Comments - Read and add comments

License

MIT

Embed Security Badge

Add this badge to your README or documentation

Figma MCP Server MCPSafe Security
[![Figma MCP Server MCPSafe Security](https://api.mcpsafe.org
/api/badge/figma-mcp-server.svg)](https://mcpsafe.org/registry/figma-mcp-server)
Need more customization options?Badge Documentation

Server Information

Source
GITHUB
Package
mcp-server-figma
Version
0.0.2
Language
typescript
License
MIT
Transport
STDIO
Added
Jan 20, 2026
Updated
Jul 13, 2026