stitch-mcp-get-screen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and downloads HTML from external Stitch output URLs (htmlCode.downloadUrl / storage.googleapis.com) using scripts/fetch-stitch.sh and then reads/parses that HTML as part of its conversion workflow, exposing the agent to untrusted, user-generated content that could influence subsequent actions.