This is not a vulnerability report.
I reviewed grab/cursor-talk-to-figma-mcp and would tighten one path first.
src/cursor_mcp_plugin/code.js:75 is the clearest consequential seam in the repo.
A vendor-side action often becomes consequential at the final request or checkout step, not at task start.
I would start by guarding the click or checkout path itself before widening anything else.
I can send the exact first patch if useful.