stitch-ui-prompt-architect
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides links to several official documentation websites and GitHub repositories for established UI frameworks such as Bootstrap Vue, Element Plus, Layui-Vue, Vant, and uView. These references are used to ensure that the generated prompts are consistent with industry standards and official design systems.
- [PROMPT_INJECTION]: The skill accepts user requests and design specifications as input to generate prompts, which introduces a surface for indirect prompt injection.
- Ingestion points: The Path B workflow merges user-provided strings and design specifications into the final output.
- Boundary markers: The generated prompt utilizes structured headers like [Context], [Layout], and [Components] to help distinguish different sections of the instructions.
- Capability inventory: The skill is restricted to the 'Read' and 'Write' tools; no access to system commands, shells, or network requests is requested or utilized.
- Sanitization: No specific filtering or escaping mechanisms are described for the input data before it is interpolated into the prompt templates.
Audit Metadata