stitch-mcp-cli

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE

Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The init command downloads and installs an isolated version of the Google Cloud SDK to manage project authentication and API access.
  • [COMMAND_EXECUTION]: The skill facilitates the execution of local development commands, such as starting a Vite server via the serve command and generating project files via the site command.
  • [REMOTE_CODE_EXECUTION]: The documentation instructs users to execute code from the NPM registry using npx @_davideast/stitch-mcp.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes HTML/CSS content from the Stitch API. If a design project contains malicious instructions, they could influence the agent during design review or code integration.
    • Ingestion points: Screen code and project data fetched via get_screen_code and build_site (SKILL.md).
    • Boundary markers: None; external design content is interpolated directly into agent prompts for analysis.
    • Capability inventory: Local file system writes, network requests to Google APIs, and local server execution.
    • Sanitization: No validation or sanitization of the design content is performed before it is presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 12:51 PM
Security Audit — agent-trust-hub — stitch-mcp-cli