pencil-design-from-stitch-html
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches HTML and screenshots from the Stitch platform (stitch.withgoogle.com) to provide source data for the conversion process.
- [COMMAND_EXECUTION]: Utilizes Bash and the Write tool to download HTML source code and manage temporary files locally.
- [PROMPT_INJECTION]: The skill serves as an indirect prompt injection surface because it processes untrusted HTML from external URLs or user input.
- Ingestion points: HTML source code provided via Stitch download URLs or direct user input.
- Boundary markers: No explicit delimiters or boundary instructions are defined to separate untrusted HTML content from the agent's processing instructions.
- Capability inventory: Includes access to Bash, file system writing, web fetching, and Pencil design operations.
- Sanitization: No documentation indicates that external HTML is sanitized or stripped of potentially malicious scripts before parsing.
Audit Metadata