stitch-astro-wp-delivery

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill defines a workflow that ingests external data from a WordPress REST API and local HTML files.
      • Ingestion points: src/lib/wordpress.js (WordPress REST API) and Phase 4.2 (HTML files exported from Google Stitch).
      • Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore instructions within the ingested content.
      • Capability inventory: The skill utilizes subprocess execution via npm and npx (e.g., npm run build, npx wrangler).
      • Sanitization: Absent; the SOP does not include steps to sanitize or validate the external content before processing.
  • [Data Exposure & Exfiltration] (SAFE): Recommends setting Access-Control-Allow-Origin: * in wp-config.php. Although this violates security best practice, it is a common configuration for headless CMS setups and does not constitute a malicious exfiltration pattern.
  • [External Downloads] (SAFE): Uses standard package managers (npm, npx) and version control (git) to fetch reputable frameworks (Astro, Tailwind).
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:42 PM