stitch-uviewpro-components

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a local shell script named scripts/fetch-stitch.sh using the Bash tool. This script is used as a utility to handle content retrieval from the Stitch design platform.
  • [EXTERNAL_DOWNLOADS]: The fetch script uses curl to download HTML content from remote URLs, typically originating from Google Cloud Storage via the Stitch service. These downloads are performed to retrieve the necessary source material for code generation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it downloads and parses external HTML content.
      1. Ingestion points: Remote HTML is saved to temp/source.html and subsequently read by the agent.
      2. Boundary markers: No delimiters or 'ignore' warnings are used when processing the fetched HTML.
      3. Capability inventory: The skill has Bash (curl), Read, and Write capabilities.
      4. Sanitization: There is no evidence of sanitization or validation of the fetched content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 08:32 AM