stitch-react-native-components

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required Step 1 explicitly downloads and ingests HTML from a third-party URL (bash scripts/fetch-stitch.sh using htmlCode.downloadUrl — GCS URLs) and then parses that HTML as the core input for the HTML → React Native mapping, so untrusted/third-party content can directly influence component generation.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill runs scripts/fetch-stitch.sh at runtime to download the design HTML from a remote URL (referenced as "[htmlCode.downloadUrl]" — typically a GCS download link), and that fetched HTML is a required input that directly determines the model’s conversion instructions/output, so it is a runtime external dependency controlling agent behavior.