stitch-vue-bootstrap-components

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow calls Stitch MCP get_screen to obtain htmlCode.downloadUrl and instructs using scripts/fetch-stitch.sh to download and parse that Stitch-hosted HTML (user-generated/untrusted design content), which the agent must read and interpret to drive component conversion.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's scripts/fetch-stitch.sh explicitly curl's a runtime-provided htmlCode.downloadUrl (invoked as bash scripts/fetch-stitch.sh "<htmlCode.downloadUrl>" … and implemented as curl -L -f -sS "$URL"), which downloads external Stitch HTML that is then parsed and injected into the agent's conversion flow and thus directly controls the agent's prompts/outputs.