stitch-prompt-engineer
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a structured framework for enhancing UI prompts for a service called 'Stitch'. Analysis of the
SKILL.mdand the accompanying test filestitch-prompt-engineer.test.mjsrevealed no security threats. - [PROMPT_INJECTION]: No prompt injection or jailbreak attempts were detected. The instructions focus on improving prompt specificity and adhering to a design system.
- [DATA_EXFILTRATION]: No network requests, hardcoded credentials, or sensitive file path accesses were found. The skill uses 'Read' and 'Write' tools legitimately to access a local
DESIGN.mdfile and output enhanced prompts. - [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as
curl | bashor dynamiceval()calls, are present. - [COMMAND_EXECUTION]: The skill does not execute system commands or interact with the shell.
- [EXTERNAL_DOWNLOADS]: The skill references an official documentation link (stitch.withgoogle.com), which is a well-known service and considered safe according to the analysis guidelines.
- [OBFUSCATION]: No obfuscated content, Base64 strings, zero-width characters, or hidden URLs were identified.
- [PRIVILEGE_ESCALATION]: There are no attempts to acquire elevated permissions (e.g.,
sudo,chmod 777). - [PERSISTENCE]: The skill does not attempt to establish persistence on the host system.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes user-provided UI ideas (untrusted data), it does so using a structured transformation process and encourages the use of specific hex codes and component names, which reduces the surface for accidental instruction following. No vulnerable interpolation patterns were found.
Audit Metadata