Content Reel
Medium riskNeeds Review
Fills designs with text strings, avatars and icons pulled from a shared content library.
- Platform
- Figma
- Category
- Content
- Developer
- Microsoft
- Pricing
- Free
- Official website
- www.figma.com
Review summary
Placeholder review. The plugin communicates with Microsoft-hosted services to fetch content. What metadata accompanies those requests is unknown pending traffic inspection.
Privacy overview
What this plugin can access and where data may go. “Unknown” means we have not verified it — not that it is safe or unsafe.
- Data accessed
- Selected layers
- Text content of filled layers
- Permissions requested
- Current page read/write
- Network access
- External services
- Microsoft content service
- External APIs
- Content Reel API (observed in documentation)
- Database connections
- Unknown — not yet reviewed
- Authentication
- Microsoft account (optional; for publishing)
- Cloud storage
- Microsoft-hosted content library
- Analytics
- Unknown — not yet reviewed
- AI providers
- None observed
- Telemetry
- Unknown — not yet reviewed
- Cookies
- Unknown — not yet reviewed
Risk assessment
- Risk level
- Medium risk
- Why this risk exists
- Placeholder assessment: content is fetched from a remote Microsoft service, and a Microsoft account is used for publishing shared palettes. The exact data sent alongside requests is not verified.
- Mitigation
- Avoid filling layers with confidential text while behavior is unverified.
- Confidence
- Low
Review methodology
- Tests performed
- Documentation review
- Privacy policy read
- Basic manual usage
- Evidence
- Official documentation (read)
- Microsoft privacy statement (read)
- Known limitations
- Traffic inspection not yet performed
- Retention policy for published palettes unknown
- Reviewer
- SafeYourData team
Read more about how we review and what Verified, Observed, Inferred and Unknown mean.
Review timeline
- Initial review published