stitch-vue-element-components
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a local shell script,
scripts/fetch-stitch.sh, which is invoked via bash to perform data retrieval operations usingcurl. - [EXTERNAL_DOWNLOADS]: The skill fetches HTML and design metadata from external URLs provided by the Stitch platform. These resources are necessary for the skill's primary function of converting designs into code.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted HTML from external sources to generate code. A malicious design could contain hidden instructions intended to manipulate the code output.
- Ingestion points: HTML content downloaded via
scripts/fetch-stitch.shand screen metadata retrieved from the Stitch MCP. - Boundary markers: There are no explicit markers or instructions provided to the agent to distinguish between design data and potential instructions within that data during the parsing and conversion process.
- Capability inventory: The skill allows the agent to write files to the local project structure and execute bash commands for network fetching.
- Sanitization: The instructions do not define any sanitization, filtering, or validation steps for the design content before it is used to generate Vue components.
Audit Metadata