figma-incident-runbook
Respond to Figma API outages, auth failures, and rate limit incidents. Use when Figma integration is down, experiencing errors, or running post-incident reviews for Figma-related failures. Trigger with phrases like "figma incident", "figma outage", "figma down", "figma broken", "figma emergency".
Best use case
figma-incident-runbook is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Respond to Figma API outages, auth failures, and rate limit incidents. Use when Figma integration is down, experiencing errors, or running post-incident reviews for Figma-related failures. Trigger with phrases like "figma incident", "figma outage", "figma down", "figma broken", "figma emergency".
Teams using figma-incident-runbook should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/figma-incident-runbook/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How figma-incident-runbook Compares
| Feature / Agent | figma-incident-runbook | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Respond to Figma API outages, auth failures, and rate limit incidents. Use when Figma integration is down, experiencing errors, or running post-incident reviews for Figma-related failures. Trigger with phrases like "figma incident", "figma outage", "figma down", "figma broken", "figma emergency".
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
ChatGPT vs Claude for Agent Skills
Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.
SKILL.md Source
# Figma Incident Runbook
## Overview
Rapid incident response procedures for Figma REST API integration failures. Covers triage, mitigation, and postmortem for the most common failure modes.
## Prerequisites
- Access to application logs and metrics
- Figma PAT for health checks
- Communication channel (Slack, PagerDuty)
## Instructions
### Step 1: Quick Triage (First 5 Minutes)
```bash
#!/bin/bash
echo "=== Figma Incident Triage ==="
# 1. Is Figma itself down?
echo -n "Figma Status: "
curl -s https://www.figmastatus.com/api/v2/status.json 2>/dev/null \
| jq -r '.status.description // "Cannot reach status page"'
# 2. Is our token valid?
echo -n "Auth Check: "
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" \
-H "X-Figma-Token: ${FIGMA_PAT}" \
https://api.figma.com/v1/me)
echo "$HTTP_CODE"
# 3. Can we read a known file?
echo -n "File Access: "
curl -s -H "X-Figma-Token: ${FIGMA_PAT}" \
"https://api.figma.com/v1/files/${FIGMA_FILE_KEY}?depth=1" \
| jq -r '.name // "FAILED"'
# 4. Are we rate limited?
echo "Rate Limit Headers:"
curl -s -D - -o /dev/null \
-H "X-Figma-Token: ${FIGMA_PAT}" \
https://api.figma.com/v1/me 2>/dev/null \
| grep -iE "(retry-after|rate-limit|figma)" || echo "No rate limit headers"
```
### Step 2: Decision Tree
```
API returning errors?
├── 403 Forbidden
│ ├── Token expired (>90 days) → Rotate PAT immediately
│ ├── Wrong scopes → Regenerate with correct scopes
│ └── File not shared → Check file permissions
│
├── 429 Rate Limited
│ ├── Retry-After < 60s → Wait and retry automatically
│ ├── Retry-After > 300s → Reduce request volume
│ └── X-Figma-Rate-Limit-Type: low → Consider upgrading plan
│
├── 404 Not Found
│ ├── File deleted → Check with file owner
│ ├── Wrong file key → Verify FIGMA_FILE_KEY
│ └── API path wrong → Check endpoint documentation
│
├── 500/503 Server Error
│ ├── status.figma.com shows incident → Wait for resolution
│ ├── Intermittent → Retry with backoff
│ └── Persistent → Contact Figma support
│
└── Network Error (ECONNREFUSED, timeout)
├── DNS resolution failing → Check DNS config
├── Firewall blocking → Verify outbound HTTPS to api.figma.com
└── TLS error → Check Node.js version (18+ required)
```
### Step 3: Immediate Mitigation
**For 403 (Token Expired):**
```bash
# Generate new PAT in Figma Settings > Personal access tokens
# Then update your deployment:
# GitHub Actions
gh secret set FIGMA_PAT --body "figd_new-token-here"
# Cloud Run
echo -n "figd_new-token" | gcloud secrets versions add figma-pat --data-file=-
gcloud run services update my-service --update-secrets="FIGMA_PAT=figma-pat:latest"
# Fly.io
fly secrets set FIGMA_PAT=figd_new-token
```
**For 429 (Rate Limited):**
```typescript
// Emergency: disable non-critical Figma calls
const EMERGENCY_MODE = process.env.FIGMA_EMERGENCY === 'true';
async function safeFigmaCall<T>(
path: string,
critical: boolean = false
): Promise<T | null> {
if (EMERGENCY_MODE && !critical) {
console.warn(`Figma call skipped (emergency mode): ${path}`);
return null;
}
return figmaFetch(path);
}
```
**For 500/503 (Figma Down):**
```typescript
// Serve cached data when Figma is unavailable
async function getTokensWithFallback() {
try {
return await extractTokensFromFigma();
} catch (error) {
console.warn('Figma unavailable, serving cached tokens');
// Return last-known-good tokens from cache or file
const cached = await readFile('output/tokens.json', 'utf-8');
return JSON.parse(cached);
}
}
```
### Step 4: Communication
```markdown
## Internal Notification (Slack)
**Figma Integration Alert**
- Status: INVESTIGATING / MITIGATED / RESOLVED
- Impact: [Design token sync paused / Asset export failing]
- Cause: [403 expired token / 429 rate limit / Figma outage]
- Action: [Rotating token / Reducing request rate / Waiting for Figma]
- ETA: [Next update in 15 min]
## External (if applicable)
Design system updates may be delayed due to a temporary issue
with our Figma integration. Cached data is being served.
```
### Step 5: Postmortem Template
```markdown
## Figma Incident Postmortem
**Date:** YYYY-MM-DD
**Duration:** X hours Y minutes
**Severity:** P1/P2/P3
### Summary
[One sentence: what happened and what was the impact]
### Timeline
- HH:MM UTC - First alert fired (describe alert)
- HH:MM UTC - On-call acknowledged
- HH:MM UTC - Root cause identified
- HH:MM UTC - Mitigation applied
- HH:MM UTC - Full resolution confirmed
### Root Cause
[Technical explanation, e.g., "PAT expired after 90 days without rotation"]
### Action Items
- [ ] Set up PAT rotation reminder at 80-day mark
- [ ] Add 403 alert to PagerDuty
- [ ] Implement cached fallback for token data
```
## Output
- Issue identified via triage script
- Root cause determined from decision tree
- Mitigation applied (token rotation, fallback mode, etc.)
- Stakeholders notified
- Postmortem documented
## Error Handling
| Issue | Cause | Solution |
|-------|-------|----------|
| Can't reach status.figma.com | Network issue | Try from different network or mobile |
| Triage script fails | PAT not set | Set FIGMA_PAT before running |
| Fallback data stale | Last cache too old | Set up regular cache refresh |
| Alert not firing | Missing metrics | Verify Prometheus scrape config |
## Resources
- [Figma Status Page](https://status.figma.com)
- [Figma Support](https://help.figma.com/hc/en-us/requests/new)
- [Figma Developer Forum](https://forum.figma.com/)
## Next Steps
For data handling, see `figma-data-handling`.Related Skills
responding-to-security-incidents
Analyze and guide security incident response, investigation, and remediation processes. Use when you need to handle security breaches, classify incidents, develop response playbooks, gather forensic evidence, or coordinate remediation efforts. Trigger with phrases like "security incident response", "ransomware attack response", "data breach investigation", "incident playbook", or "security forensics".
windsurf-incident-runbook
Execute Windsurf incident response when AI features fail or cause production issues. Use when Cascade breaks code, Windsurf service is down, AI-generated code causes production incidents, or team needs emergency Windsurf troubleshooting. Trigger with phrases like "windsurf incident", "windsurf outage", "windsurf broke production", "cascade caused bug", "windsurf emergency".
webflow-incident-runbook
Execute Webflow incident response — triage by HTTP status (401/403/429/500), circuit breaker activation, cached fallback, Webflow status page checks, communication templates, and postmortem process. Trigger with phrases like "webflow incident", "webflow outage", "webflow down", "webflow on-call", "webflow emergency", "webflow broken".
vercel-incident-runbook
Vercel incident response procedures with triage, instant rollback, and postmortem. Use when responding to Vercel-related outages, investigating production errors, or running post-incident reviews for deployment failures. Trigger with phrases like "vercel incident", "vercel outage", "vercel down", "vercel on-call", "vercel emergency", "vercel broken".
veeva-incident-runbook
Veeva Vault incident runbook for enterprise operations. Use when implementing advanced Veeva Vault patterns. Trigger: "veeva incident runbook".
vastai-incident-runbook
Execute Vast.ai incident response for GPU instance failures and outages. Use when responding to instance failures, investigating training crashes, or handling spot preemption emergencies. Trigger with phrases like "vastai incident", "vastai outage", "vastai down", "vastai emergency", "vastai instance failed".
twinmind-incident-runbook
Incident response for TwinMind failures: transcription not starting, audio not captured, sync failures, and calendar disconnect. Use when implementing incident runbook, or managing TwinMind meeting AI operations. Trigger with phrases like "twinmind incident runbook", "twinmind incident runbook".
supabase-incident-runbook
Execute Supabase incident response: dashboard health checks, connection pool status, pg_stat_activity queries, RLS debugging, Edge Function logs, storage health, and escalation. Use when responding to Supabase outages, investigating production errors, debugging connection issues, or preparing evidence for Supabase support escalation. Trigger: "supabase incident", "supabase outage", "supabase down", "supabase on-call", "supabase emergency", "supabase broken", "supabase connection issues".
speak-incident-runbook
Incident response for Speak API outages: triage, fallback to offline mode, and recovery procedures. Use when implementing incident runbook, or managing Speak language learning platform operations. Trigger with phrases like "speak incident runbook", "speak incident runbook".
snowflake-incident-runbook
Execute Snowflake incident response with triage, rollback, and postmortem using real SQL diagnostics. Use when responding to Snowflake outages, investigating query failures, or running post-incident reviews for pipeline failures. Trigger with phrases like "snowflake incident", "snowflake outage", "snowflake down", "snowflake on-call", "snowflake emergency".
shopify-incident-runbook
Execute Shopify incident response with triage using Shopify status page, API health checks, and rate limit diagnosis. Trigger with phrases like "shopify incident", "shopify outage", "shopify down", "shopify on-call", "shopify emergency", "shopify not responding".
sentry-incident-runbook
Execute incident response procedures using Sentry error monitoring. Use when investigating production outages, triaging error spikes, classifying incident severity, or building postmortem reports from Sentry data. Trigger with phrases like "sentry incident", "sentry triage", "investigate sentry error", "sentry runbook", "production incident sentry".