stitch-mcp

Warn

Audited by Socket on May 13, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS. The skill's design purpose is coherent, but it disproportionately steers agents toward a non-Google proxy CLI as the primary path and routes API/OAuth handling through that third-party tool. Because the recommended CLI is external to Google and may receive credentials while performing broad setup/configuration, this pattern poses a high security risk through supply-chain exposure and credential forwarding, though it is not confirmed malware.

Confidence: 88%
Severity: 84%

Audit Metadata

Analyzed At: May 13, 2026, 07:27 PM
Package URL: pkg:socket/skills-sh/baphomet480%2Fclaude-skills%2Fstitch-mcp%2F@acecb58d336e45cba5be328c7886b59c9ab36830