Skills
skills/gabelul/stitch-kit/stitch-mcp-list-projects/Gen Agent Trust Hub

stitch-mcp-list-projects

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified through the ingestion of external data.
  • Ingestion points: The skill retrieves project names, titles, and timestamps from the list_projects tool.
  • Boundary markers: No delimiters or specific instructions are provided to the agent to ignore or isolate natural language instructions that might be embedded in the project titles.
  • Capability inventory: The skill environment allows access to stitch*:* tools, providing a surface for actions that could be triggered by an injection.
  • Sanitization: There is no sanitization or verification process for the content of the project titles before they are presented to the user or used by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 02:42 AM