Stitch Ui Designer

Security checks across malware telemetry and agentic risk

Overview

The skill has a legitimate UI-design purpose, but its setup can persistently add a tool that runs an unpinned npm package with Google Cloud access.

Review before installing. Use this only if you are comfortable with a persistent mcporter entry that runs an external npm package. Prefer pinning or independently verifying `stitch-mcp-auto`, use a dedicated least-privileged Google Cloud account/project, and manually confirm before any config, authentication, project creation, or file write action.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill directs the agent to modify the user's local mcporter configuration by adding a new server entry, but it does not require explicit user consent or warn that a persistent local configuration change will be made. This is dangerous because configuration changes can alter future tool behavior, expand available execution surfaces, and persist beyond the current task without the user realizing it.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill instructs the agent to ensure Google Cloud authentication and references project/environment setup without a user-facing warning that credentials, account context, and environment variables may be accessed or modified. This creates risk of unintended credential use, account confusion, or disclosure of sensitive project context during setup and operation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal