Skip to main content

Announcing StackOne Defender: leading open-source prompt injection guard for your agent Read More

Connect

Connectors Agent Auth MCP Connector Builder

Optimize

Tool Discovery Falcon Engine

Secure

Defender
Connectors

HRIS / HCM

Employee Onboarding Employee Offboarding

Recruiting

Application Screening Interview Scheduling

Customer Support

Ticket Triage Voice Call Summarization

Sales & CRM

Deal Risk Scoring Lead Qualification

Accounting & Finance

Invoice Processing Month-End Accruals

Marketing

Campaign Reports Lead Nurture Sequences
View all use cases

Developers

Docs Changelog Status

Learn

Blog Case Studies Events Partners
Pricing
Login Book Demo Start Free

Figma MCP Server
for AI Agents

Production-ready Figma MCP server with 39 extensible actions — plus built-in authentication, security, and optimized execution.

Start Free Book Demo Read Docs →
Figma logo
Figma MCP Server
Built by StackOne StackOne

Coverage

39 Agent Actions

Create, read, update, and delete across Figma — and extend your agent's capabilities with custom actions.

MCP Actions → Create Actions →

Authentication

Agent Tool Authentication

Per-user OAuth in one call. Your Figma MCP server gets session-scoped tokens with zero credentials stored on your infra.

Agent Auth →

Security

Agent Protection

Every Figma tool response scanned for prompt injection in milliseconds — 88.7% accuracy, all running on CPU.

Prompt Injection Defense →

Performance

Max Agent Context. Min Cost.

Free up to 96% of your agent's context window to enhance reasoning and reduce cost, on every Figma call.

Tools Discovery →

What is the Figma MCP Server?

A Figma MCP server lets AI agents read and write Figma data through the Model Context Protocol — Anthropic's open standard for connecting LLMs to external tools. StackOne's Figma MCP server ships with 39 pre-built actions, fully extensible via the Connector Builder — plus managed authentication, prompt injection defense, and optimized agent context. Connect it from MCP clients like Claude Desktop, Cursor, and VS Code, or from agent frameworks like OpenAI Agents SDK, LangChain, and Vercel AI SDK.

All Figma MCP Tools and Actions

Every action from Figma's API, ready for your agent. Create, read, update, and delete — scoped to exactly what you need.

Comments

  • Create Comment

    Post a new comment on a Figma file as either a standalone comment or a threaded reply to an existing comment

  • List Comments

    Retrieve all comments and comment threads from a Figma file, including user information, timestamps, and threaded replies

  • Delete Comment

    Permanently delete a specific comment from a Figma file, removing it from the design's comment thread

Comment Reactions

  • Add Comment Reaction

    Add an emoji reaction to a comment for quick engagement without writing a full reply

  • List Comment Reactions

    Retrieve all emoji reactions added to a specific comment, including who reacted and when

  • Delete Comment Reaction

    Remove an emoji reaction from a comment that you previously added

Webhooks

  • Create Webhook

    Create a new webhook to receive events from Figma

  • List Webhooks

    Get all webhooks for a given context (team, project, file) or plan

  • Get Webhook

    Get details of a specific webhook by ID

  • Update Webhook

    Update an existing webhook configuration

  • Delete Webhook

    Permanently delete a webhook

Dev Resources

  • List Dev Resources

    Get developer resources (links) attached to nodes in a file

  • Delete Dev Resource

    Delete a specific developer resource link from a file

Other (26)

  • Get File

    Retrieves the complete JSON representation of a Figma file including all pages, frames, components, layers, and their properties with full design data and document tree structure

  • Get File Nodes

    Retrieves specific nodes from a Figma file by their IDs without fetching the entire file structure, enabling efficient targeted data extraction for individual components, frames, or design elements

  • Get Image Fills

    Retrieves download URLs for all user-uploaded images used as fills in a Figma file, including photos, textures, and bitmap assets embedded in the design

  • Get File Metadata

    Retrieves lightweight metadata about a Figma file including name, thumbnail, timestamps, editor type, version information, and sharing permissions without fetching the full document structure

  • List Team Projects

    Retrieves all projects within a specified team, including project names, IDs, and metadata. Useful for team workspace navigation, project discovery, and organizational management.

  • List Project Files

    Retrieves all design files within a specific project, including file names, keys, thumbnail URLs, and last modified timestamps. Essential for file discovery, project content auditing, and building custom dashboards.

  • Get Current User

    Get information about the currently authenticated user

  • List Team Components

    Retrieve all published components from a team's shared library with pagination support, useful for building component browsers and syncing design systems

  • List File Components

    Retrieve all published components from a specific Figma file's library, returning component metadata without pagination

  • Get Component

    Retrieve detailed metadata for a specific component by its unique component key

  • List Team Component Sets

    Retrieve all published component sets (variant groups) from a team's shared library with pagination support

  • List File Component Sets

    Retrieve all published component sets (variant groups) from a specific Figma file's library without pagination

  • Get Component Set

    Retrieve detailed metadata for a specific component set (variant group) by its unique key

  • Get Webhook Requests

    Get webhook delivery logs from the last week

  • Get Local Variables

    Get local and remote variables used in a file (Enterprise only)

  • Get Published Variables

    Get published variables from a file library (Enterprise only)

  • Get Component Actions Analytics

    Get time series data on component actions (insertions, detachments) in a library (Enterprise only)

  • Get Component Usages Analytics

    Get summary data on component instance counts across all files (Enterprise only)

  • Get Style Actions Analytics

    Get time series data on style actions (insertions, detachments) in a library (Enterprise only)

  • Get Style Usages Analytics

    Get summary data on style instance counts across all files (Enterprise only)

  • Get Variable Actions Analytics

    Get time series data on variable actions in a library (Enterprise only)

  • Get Variable Usages Analytics

    Get summary data on variable instance counts across all files (Enterprise only)

  • Render Images

    Renders and exports images of specific nodes from a Figma file in multiple formats (PNG, JPG, SVG, PDF) with customizable scale, bounds, and rendering options for asset generation and design automation workflows

  • Bulk Create/Update/Delete Variables

    Bulk create, update, and delete variables and variable collections (Enterprise only)

  • Bulk Create Dev Resources

    Bulk create developer resource links across multiple files

  • Bulk Update Dev Resources

    Bulk update existing developer resource links

Set Up Your Figma MCP Server in Minutes

One endpoint. Any framework. Your agent is talking to Figma in under 10 lines of code.

MCP Clients

Agent Frameworks

Claude Desktop
{
  "mcpServers": {
    "stackone": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote@latest",
        "https://api.stackone.com/mcp?x-account-id=<account_id>",
        "--header",
        "Authorization: Basic <YOUR_BASE64_TOKEN>"
      ]
    }
  }
}

More Design & Visual MCP Servers

Miro

82+ actions

Google Slides

47+ actions

Canva

21+ actions

All Design & Visual MCP Servers →

Figma MCP Server Resources

MCP Code Mode: Keeping Tool Responses Out of Agent Context

Anthropic's code_execution processes data already in context. Custom MCP code mode keeps raw tool responses in a sandbox. 14K tokens vs 500.

11 min

Comparing BM25, TF-IDF, and Hybrid Search for MCP Tool Discovery

Benchmarking BM25, TF-IDF, and hybrid search for MCP tool discovery across 916 tools. The 80/20 TF-IDF/BM25 hybrid hits 21% Top-1 accuracy in under 1ms.

10 min

Indirect Prompt Injection Defense for MCP Tools: A Technical Guide

MCP tools that read emails, CRM records, and tickets are indirect prompt injection vectors. Here's how we built a two-tier defense that scans tool results in ~11ms.

12 min

Figma MCP Server FAQ

Figma MCP server vs direct API integration — what's the difference?
A Figma MCP server and direct API integration serve different use cases. Direct API integration is for software-to-software — backend code calling Figma. A Figma MCP server is for AI agents — MCP clients like Claude and Cursor, plus framework agents built with OpenAI, LangChain, or Vercel AI — discovering and calling Figma at runtime. StackOne provides both.
How does Figma authentication work for AI agents?
Figma authentication for AI agents works through a StackOne Connect Session. Create one via the dashboard or the SDK — you get an auth link and ready-to-paste config for Claude Desktop, Cursor, and other MCP clients. Your user authenticates their own Figma account; StackOne handles token exchange, storage, and refresh. Credentials never reach the LLM, and each user is isolated via origin_owner_id.
Are Figma MCP tools vulnerable to prompt injection?
Yes — Figma MCP tools can be vulnerable to indirect prompt injection. Any tool that reads user-written content — documents, messages, tickets, records, or free-text fields — is a potential vector. StackOne Defender scans every tool response before it enters the agent's context — regex patterns in ~1ms, then a MiniLM classifier in ~4ms. 88.7% accuracy, CPU-only.
What is the context bloat of a Figma agent and how do I avoid it?
Context bloat happens when Figma tool schemas and API responses eat your Figma agent's memory, preventing it from reasoning effectively. A single Figma query can return a massive JSON response, and connecting multiple tools compounds the problem. Tools Discovery and Code Mode reduce context bloat — loading only relevant tools per query and keeping raw responses out of the agent's context.
Can I limit which actions my Figma agent can access?
Yes — you can limit which actions your Figma agent can access directly from the StackOne dashboard. Toggle actions on or off, or restrict them to specific accounts, with no code changes to your agent. Session tokens can be scoped to exact actions so if one leaks, exposure stays contained.
Can I create custom agent actions for my Figma MCP server?
Yes — you can create custom agent actions for your Figma MCP server using Connector Builder. It's an integration agent your coding assistant (Claude Code, Cursor, or Copilot) can invoke to research Figma's API, generate production-ready connector YAML, test against the live API, and validate before you ship.
When should I NOT use a Figma MCP server?
Skip a Figma MCP server if your integration is purely software-to-software — direct Figma API integration is simpler when no AI agent is involved. For deterministic, compliance-critical operations (financial transactions, regulatory reporting), direct API gives you predictable behavior without agent-driven decision-making. MCP shines when AI agents need to dynamically discover and call Figma actions at runtime.
What AI frameworks and AI clients does the StackOne Figma MCP server support?
The StackOne Figma MCP server supports both. MCP clients (paste-and-go apps): Claude Desktop, Claude Code, Cursor, VS Code, Goose. Agent frameworks (code SDKs you build with): OpenAI Agents SDK, Anthropic, Vercel AI, Google ADK, CrewAI, Pydantic AI, LangChain, LangGraph, Azure AI Foundry.

Put your AI agents to work

All the tools you need to build and scale AI agent integrations, with best-in-class connectivity, execution, and security.

Start Free Book Demo