stitch-mcp-get-screen
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves design assets, including HTML source code and screenshot images, from Google Cloud Storage (
storage.googleapis.com). This is a legitimate and expected operation for the skill's purpose of design retrieval. - [COMMAND_EXECUTION]: The skill executes a local bash script (
scripts/fetch-stitch.sh) to perform file downloads viacurl. The script is well-written, using best practices such as variable quoting and redirect handling to ensure reliability and security during network operations. - [SAFE]: The skill's functionality is transparent and aligns with its stated purpose of design retrieval and routing to conversion frameworks. It uses standard tools and connects to well-known, trusted infrastructure without any detected malicious patterns or obfuscation.
Audit Metadata