stitch-skills
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user descriptions to guide its UI enhancement and code generation workflows.
- Ingestion points: User prompts are ingested and processed by the
enhance-promptandstitch-designworkflows inSKILL.md. - Boundary markers: There are no specific delimiters or instructions to prevent the model from obeying instructions embedded within the user-provided prompt.
- Capability inventory: The skill utilizes
Bash,Write, andWebFetchtools to execute code generation, file organization, and network requests based on those prompts. - Sanitization: No input validation or filtering of the user-provided content is documented or required before processing.
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions for installing tools and components from remote repositories.
- Downloads logic: The skill instructs users to install packages and plugins via
npxand marketplace commands from thegoogle-labs-codeorganization and the author'sakillness/jeo-skillsrepository.
Audit Metadata