stitch-mcp-get-screen
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches user-requested HTML code, high-resolution screenshots, and Figma assets from official Google Stitch download endpoints (stitch.google.com).
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its multi-source data ingestion pipeline.
- Ingestion points: User-provided project/screen paths, HTML source code retrieved from the Stitch API, and local configuration files (contracts, APIs, examples) read from related framework skills (e.g.,
stitch-uviewpro-components). - Boundary markers: Absent. The instructions do not define specific delimiters or instructions for the agent to ignore potentially embedded commands within the fetched HTML or reference files.
- Capability inventory: The skill utilizes the
Readtool to access the local file system andstitchtools to communicate with external APIs. - Sanitization: Absent. There is no specified logic for validating or escaping the content retrieved from external or local sources before it is processed by the agent for code generation.
Audit Metadata