stitch-html-components
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design assets and HTML code from Google Cloud Storage using a local bash script.
- [COMMAND_EXECUTION]: Executes a helper bash script (fetch-stitch.sh) to manage downloads with curl and perform basic file verification.
- [PROMPT_INJECTION]: Processes untrusted HTML and metadata from the Stitch platform, which serves as a surface for indirect prompt injection. Ingestion points: Project data from the Stitch get_screen tool and downloaded HTML files. Boundary markers: None identified in the skill instructions to separate project data from agent instructions. Capability inventory: Shell script execution (Bash), file system read/write, and access to Stitch MCP tools. Sanitization: No programmatic sanitization is defined; the skill relies on the agent auditing and manually rewriting the code.
Audit Metadata