stitch-design-md
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches HTML and visual assets from Stitch download URLs (
htmlCode.downloadUrl,screenshot.downloadUrl) retrieved through the Stitch MCP server. These downloads are required for the skill's primary function of documenting design patterns and are sourced from the user's own project infrastructure hosted by Google. - [PROMPT_INJECTION]: The skill processes untrusted external HTML data to extract design tokens, which represents a surface for indirect prompt injection. However, no malicious instructions or bypass attempts were found, and this ingestion is essential for the intended design analysis functionality.
- [COMMAND_EXECUTION]: The skill uses predefined MCP tools (
stitch*:*) to interact with project metadata. These operations are restricted to listing and retrieving project-specific information and do not involve arbitrary shell command execution.
Audit Metadata