74
/ 100
1 month ago
glama

Sunnyside Figma MCP

Connects Figma designs to AI agents, enabling extraction of production-ready code, assets, and design tokens through natural language descriptions. Supports React, Vue, CSS, and Tailwind with real-time design system analysis.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 3 credentials: FIGMA_API_KEY, FIGMA_FILE_KEY, FIGMA_OAUTH_TOKEN
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// known CVEs in dependencies1 low

Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.

lowjs-yaml@4.1.0GHSA-mh29-5h37-fv8m

js-yaml has prototype pollution in merge (<<)

Depend on this server? Get alerted when its CVEs change.Watch this server free →
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
🔐 secretFIGMA_API_KEYfigd_your_token_here
configFIGMA_DEV_MCP_URL
🔐 secretFIGMA_FILE_KEY
🔐 secretFIGMA_OAUTH_TOKEN
configNPM_PACKAGE_VERSION
configOUTPUT_FORMAT
configPORTServer won't start on :3333 — another process is bound. Change in .env and update your MCP client URL accordingly.
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 5 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/tercumantanumut-sunnysidefigma-context-mcp-1g0kbw)](https://m8ven.ai/mcp/tercumantanumut-sunnysidefigma-context-mcp-1g0kbw)
commit: ba6da85fcff1b9fd10addd999505a68820ebf774
code hash: a2d6eb7ca97e06fe6117bb059f5d640dbb5e8f008a74d25043691ec8f80726ea
verified: 6/9/2026, 10:17:24 AM
view raw JSON →
Sunnyside Figma MCP · M8ven Trust Score | M8ven