stitch-to-react

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs embedding design download URLs (e.g., htmlCode.downloadUrl / screenshot.downloadUrl) directly into shell commands, and those URLs are often signed tokens or sensitive URLs, which requires the LLM to output secret-bearing values verbatim.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill performs runtime fetches of external design artifacts via the Stitch MCP URLs (htmlCode.downloadUrl and screenshot.downloadUrl — e.g., used as "[htmlCode.downloadUrl]" and "[screenshot.downloadUrl]=w{width}" in bash scripts), and the downloaded HTML is parsed to extract Tailwind/config and directly drive code-generation decisions, so these runtime URLs can directly control the agent's prompts/output.