stitch-mcp-get-project

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md requires calling the MCP get_project tool to fetch Stitch project data (e.g., from stitch.withgoogle.com), including the user-authored/auto-generated designMd and namedColors, and explicitly instructs the agent to read and use that content to generate screens, which means untrusted third-party project content can influence subsequent actions.