stitch-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses Stitch project screens (e.g., SKILL.md Part 1 Retrieval: "Use Stitch MCP to fetch project screens, HTML code, and metadata" and references/stitch-mcp-commands.md showing mcp_stitch_list_screens returns "html" and imageUrl, plus instructions to download HTML via system-level curl), meaning it ingests user-generated/untrusted HTML from external Stitch projects and uses that content to drive design extraction and autonomous build/edit decisions.