stitch-swiftui-components

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 1) explicitly downloads Stitch HTML from htmlCode.downloadUrl using scripts/fetch-stitch.sh (a public URL/GCS downloader) and Step 3 mandates the agent read and map that Stitch HTML/CSS into SwiftUI, so untrusted user-provided page content can directly influence code generation.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill invokes scripts/fetch-stitch.sh at runtime to download the Stitch HTML from a provided download URL (e.g., "[htmlCode.downloadUrl]" / GCS URL), and that fetched HTML is injected into the conversion process to directly determine the agent's generated SwiftUI output, so it is a required runtime external dependency that controls the agent's behavior.