stitch-loop

SUSPICIOUS. The skill’s core behavior matches its stated Stitch website-building purpose, and data flows are broadly consistent with official Stitch usage. Risk comes from autonomous looping, wildcard Stitch tool access, shell-based downloading of generated assets, and optional `npx` execution; these are proportionate to the task but still create meaningful security exposure for an AI agent.