stitch-design-system

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
      • Ingestion points: The skill fetches HTML code from htmlCode.downloadUrl using the web_fetch tool in Step 5 of the Retrieval Workflow.
      • Boundary markers: The instructions lack explicit delimiters or "ignore" directives to prevent the agent from obeying instructions embedded within the analyzed HTML content.
      • Capability inventory: The agent possesses the Write tool to create files and the stitch*:* toolset to interact with design projects.
      • Sanitization: There is no evidence of sanitization or filtering of the external content before it is processed by the LLM for design synthesis.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the web_fetch tool to retrieve external assets (HTML source and screenshots). While these downloads are part of the primary function for analyzing design projects, fetching content from dynamic URLs represents an inherent attack surface that should be monitored for SSRF or malicious payload delivery.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 9, 2026, 10:24 PM