stitch-mcp-get-screen

SUSPICIOUS. The skill is mostly coherent with its stated Stitch screen-retrieval purpose and shows no direct credential theft or malicious exfiltration, but it grants broader-than-needed tool scope and relies on undocumented MCP tooling plus transitive loading of other skills. Risk is moderate due to trust and scope issues, not confirmed malware.