Content Reel

Medium riskNeeds Review

Fills designs with text strings, avatars and icons pulled from a shared content library.

Platform
Figma
Category
Content
Developer
Microsoft
Pricing
Free
Official website
www.figma.com

Review summary

Placeholder review. The plugin communicates with Microsoft-hosted services to fetch content. What metadata accompanies those requests is unknown pending traffic inspection.

Privacy overview

What this plugin can access and where data may go. “Unknown” means we have not verified it — not that it is safe or unsafe.

Data accessed
  • Selected layers
  • Text content of filled layers
Permissions requested
  • Current page read/write
  • Network access
External services
  • Microsoft content service
External APIs
  • Content Reel API (observed in documentation)
Database connections
Unknown — not yet reviewed
Authentication
Microsoft account (optional; for publishing)
Cloud storage
  • Microsoft-hosted content library
Analytics
Unknown — not yet reviewed
AI providers
  • None observed
Telemetry
Unknown — not yet reviewed
Cookies
Unknown — not yet reviewed

Risk assessment

Risk level
Medium risk
Why this risk exists
Placeholder assessment: content is fetched from a remote Microsoft service, and a Microsoft account is used for publishing shared palettes. The exact data sent alongside requests is not verified.
Mitigation
Avoid filling layers with confidential text while behavior is unverified.
Confidence
Low

Review methodology

Tests performed
  • Documentation review
  • Privacy policy read
  • Basic manual usage
Evidence
  • Official documentation (read)
  • Microsoft privacy statement (read)
Known limitations
  • Traffic inspection not yet performed
  • Retention policy for published palettes unknown
Reviewer
SafeYourData team

Read more about how we review and what Verified, Observed, Inferred and Unknown mean.

Review timeline

  1. Initial review published

Resources