The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill retrieves UI assets and HTML code from Google's Stitch service (stitch.google.com). These downloads are restricted to a well-known service and are necessary for the skill's primary function of design-to-code conversion.
[DATA_EXFILTRATION]: Analysis of the skill's logic shows it only handles data within the context of the agent's workspace and the specific Stitch service. No patterns were found indicating the exfiltration of credentials or sensitive user data to unauthorized third-party domains.
[COMMAND_EXECUTION]: The skill requests access to stitch*:* tools and standard file system Read/Write tools. These permissions are consistent with the stated purpose of fetching design data and reading framework-specific configuration files from sibling directories.
[PROMPT_INJECTION]: The skill includes instructional constraints (marked as CRITICAL) to ensure the agent uses the correct IDs and follows specific framework conversion logic. These are standard task guidelines and do not attempt to bypass safety filters or override core agent behavior.

stitch-mcp-get-screen