stitch-to-page-conversion
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill directs the agent to ingest untrusted external content and use it to perform file-writing tasks.
  1. Ingestion points: The Analysis phase in SKILL.md specifically requires reading 'provided screenshots' and 'exported HTML'.
  2. Boundary markers: The guidelines provide no delimiters or 'ignore embedded instructions' warnings to isolate the untrusted design data from the agent's instructions.
  3. Capability inventory: The 'Page Implementation' section grants the agent authority to 'Create a new page component' and modify the file system within the 'pages/' and 'components/' directories.
  4. Sanitization: There is no mention of sanitizing or validating the structure or content of the design exports before they are used to generate application code.
Recommendations
- AI detected serious security threats
Audit Metadata