Skills
skills/partme-ai/stitch-skills/stitch-react-components/Snyk

stitch-react-components

Warn

Audited by Snyk on Mar 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md "Retrieval and Networking" and examples/usage.md) instructs calling Stitch MCP get_screen and downloading the design HTML via htmlCode.downloadUrl (using scripts/fetch-stitch.sh) and then parsing that HTML/Tailwind config to drive component generation, meaning the agent fetches and interprets untrusted third‑party (Stitch/GCS) content that can materially influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill explicitly fetches the Stitch screen HTML at runtime via scripts/fetch-stitch.sh using the htmlCode.downloadUrl (e.g., an external GCS/https://... download URL), and that fetched HTML is injected into the agent's processing to drive what code/components are generated, so the remote content directly controls the agent's outputs.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 6, 2026, 08:32 AM