stitch-svelte-components
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill includes a shell script
scripts/fetch-stitch.shdesigned to download content from remote URLs usingcurl. The main instructions direct the agent to retrieve download URLs for design assets from a tool and pass them to this script for local storage. - [COMMAND_EXECUTION]: The skill requires the execution of several shell commands, including
npm installfor dependency management andnpm run devfor local development and verification. It also executes the localscripts/fetch-stitch.shscript. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes HTML content from external, dynamic URLs to guide the generation of Svelte components.
- Ingestion points: Design HTML downloaded via
scripts/fetch-stitch.shas instructed inSKILL.mdStep 1. - Boundary markers: None. The skill does not implement delimiters or instructions to ignore embedded commands within the fetched HTML.
- Capability inventory: The skill has capabilities for file system writes, shell command execution (
Bash), and network downloads (curl). - Sanitization: No validation or sanitization is performed on the downloaded HTML content before it is processed by the agent to generate component code.
Audit Metadata