design-loop
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to manage the development environment, such as checking for installed packages via
lsand running a local preview server usingnpx serve.\n- [EXTERNAL_DOWNLOADS]: Fetches generated design assets, including HTML templates and screenshots, from the Google Stitch service when the optional SDK backend is enabled.\n- [REMOTE_CODE_EXECUTION]: Instructs the agent to install the@google/stitch-sdkpackage from the npm registry to support AI-driven design generation.
Audit Metadata