authoring-stitch-prompts
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user-provided specifications and natural language to generate prompts, creating a surface for indirect prompt injection. Ingestion points: Natural language descriptions and structured specs as defined in SKILL.md. Boundary markers: Use of '---' and HTML comments to separate prompt sections in output files. Capability inventory: Local filesystem writes to the design-intent directory and the ability to invoke the generating-stitch-screens MCP tool. Sanitization: No explicit sanitization or filtering of instruction-like content in input files was detected.
- [Data Exposure] (SAFE): The skill reads package.json and constitution.md to provide project-specific design context. This access is limited to project metadata and does not expose sensitive credentials.
Audit Metadata