figma-policy-guardrails

Featured

Enforce security policies and coding standards for Figma API integrations. Use when setting up linting rules for Figma tokens, preventing accidental credential leaks, or enforcing API usage best practices. Trigger with phrases like "figma policy", "figma lint", "figma guardrails", "figma security rules", "figma best practices check".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Figma Policy & Guardrails ## Overview Automated guardrails for Figma API integrations: prevent token leaks, enforce scope minimization, validate webhook configurations, and catch common anti-patterns in CI. ## Prerequisites - ESLint or similar linter - CI/CD pipeline (GitHub Actions) - Pre-commit hooks infrastructure ## Instructions ### Step 1: Token Leak Prevention ```bash # .pre-commit-config.yaml -- catch Figma tokens before commit repos: - repo: local hooks: - id: no-figma-tokens name: Check for Figma PAT leaks entry: bash -c ' if git diff --cached --diff-filter=ACM -z -- . | xargs -0 grep -lP "figd_[a-zA-Z0-9_-]{20,}" 2>/dev/null; then echo "ERROR: Figma PAT found in staged files" echo "Store tokens in .env files (which should be in .gitignore)" exit 1 fi ' language: system pass_filenames: false ``` ```yaml # GitHub Actions secret scanning # .github/workflows/figma-security.yml name: Figma Security Check on: [push, pull_request] jobs: security: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Scan for Figma tokens run: | if grep -rP "figd_[a-zA-Z0-9_-]{20,}" \ --include="*.ts" --include="*.js" --include="*.json" \ --exclude-dir=node_modules .; then echo "::error::Figma PAT found in source code" exit 1 fi - name: Check .env ...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI GitHub · DevTools

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

figma-security-basics

Secure Figma API tokens, configure scopes, and validate webhook signatures. Use when securing API keys, implementing least-privilege scopes, or auditing Figma security configuration. Trigger with phrases like "figma security", "figma secrets", "secure figma token", "figma scopes", "figma webhook verify".

2,266 Updated today
jeremylongshore
AI & Automation Featured

hubspot-policy-guardrails

Implement HubSpot lint rules, secret scanning, and CI policy checks. Use when setting up code quality rules for HubSpot integrations, preventing token leaks, or configuring CI guardrails. Trigger with phrases like "hubspot policy", "hubspot lint", "hubspot guardrails", "hubspot security check", "hubspot eslint rules".

2,266 Updated today
jeremylongshore
AI & Automation Featured

adobe-policy-guardrails

Implement Adobe-specific lint rules, CI policy checks, and runtime guardrails covering credential scanning (p8_ patterns), Firefly content policy pre-screening, PDF Services quota enforcement, and OAuth scope validation. Trigger with phrases like "adobe policy", "adobe lint", "adobe guardrails", "adobe eslint", "adobe content policy".

2,266 Updated today
jeremylongshore
AI & Automation Featured

figma-ci-integration

Automate Figma design token sync and asset export in CI/CD pipelines. Use when setting up GitHub Actions for Figma, automating icon exports, or validating design token changes in pull requests. Trigger with phrases like "figma CI", "figma GitHub Actions", "automate figma export", "figma CI pipeline".

2,266 Updated today
jeremylongshore
AI & Automation Featured

anima-security-basics

Secure Anima and Figma tokens for design-to-code pipelines. Use when protecting API credentials, restricting Figma access scope, or hardening CI/CD design automation pipelines. Trigger: "anima security", "anima token safety", "figma token security".

2,266 Updated today
jeremylongshore