stitch-design-md

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the web_fetch tool to download HTML and image assets from URLs provided by the Stitch MCP tools, specifically from the stitch.withgoogle.com domain, which is a trusted organization source.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to its core function of ingesting and analyzing untrusted external content.
      • Ingestion points: Untrusted data enters the agent context through web_fetch calls to htmlCode.downloadUrl and screenshot.downloadUrl as defined in SKILL.md.
      • Boundary markers: The skill lacks explicit boundary markers or instructions to the agent to disregard embedded commands within the analyzed HTML.
      • Capability inventory: The agent possesses the Write capability (to create DESIGN.md) and web_fetch capability across its scripts.
      • Sanitization: No evidence of sanitization, filtering, or validation of the external HTML content is present before it is processed by the AI for design synthesis.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 6, 2026, 08:32 AM