stitch-uviewpro-components
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a Bash script (scripts/fetch-stitch.sh) to perform downloads. This is a common pattern for reliable content retrieval.
- [EXTERNAL_DOWNLOADS]: The skill fetches design specifications and HTML content from Stitch (a Google service) via the get_screen tool and a helper script.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external HTML content from design files.
  - Ingestion points: External HTML content is fetched from URLs provided by the Stitch design tool (SKILL.md, scripts/fetch-stitch.sh).
  - Boundary markers: No specific delimiters or instructions to disregard embedded commands in the source HTML are present in the provided files.
  - Capability inventory: The agent has permissions for Bash, Write, Read, and web_fetch tools.
  - Sanitization: The fetched HTML is processed directly to generate code without a visible sanitization or validation step.
Audit Metadata