stitch-ui-designer
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No evidence of instructions attempting to bypass safety filters, reveal system prompts, or override agent behavior. The skill defines strict operational workflows and trigger phrases for activation.
- [DATA_EXFILTRATION]: No hardcoded credentials or sensitive file paths were identified. While the skill has access to network and file-writing tools, their usage is scoped to the legitimate generation of UI design projects.
- [REMOTE_CODE_EXECUTION]: The skill explicitly prohibits writing executable code (Vue, React, HTML) and using external project scaffolding tools. It relies solely on authorized MCP tools for its design operations.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface where it ingests untrusted user input into its prompt-assembly workflow. It uses structured headers like [Context], [Layout], and [Components] as boundary markers to mitigate accidental instruction obedience. Capabilities include file writing and network access, but these are managed through a structured design-focused pipeline.
- [OBFUSCATION]: No encoded content, zero-width characters, or hidden text patterns were found in the skill files.
Audit Metadata