Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Google Stitch MCP

v1.0.0

Manage Stitch UI design projects and screens remotely, including creating projects, listing and retrieving screens, and generating or editing UI screens via...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes a Google Stitch MCP toolset (project/screen management and AI generation) and the documented HTTP endpoints and methods are consistent with that purpose. The described functionality (create/list/get projects/screens, generate/edit screens) aligns with the skill name and description.
Instruction Scope
Instructions are limited to calling a remote MCP HTTP endpoint (https://stitch.googleapis.com/mcp) and handling responses. The runtime guidance does not ask the agent to read unrelated local files or secrets, or to call unexpected endpoints. It does, however, instruct the user/agent to set and send an API key via the STITCH_API_KEY env var — which is not declared in the skill metadata (scope mismatch).
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so there is no local installation or third-party download risk.
Credentials
The SKILL.md explicitly recommends and shows use of an API key (STITCH_API_KEY) passed in X-Goog-Api-Key, but the skill's registry metadata lists no required environment variables or primary credential. That omission is an inconsistency: the skill expects a long-lived API key but does not declare it. The API key is proportionate to the described functionality, but the metadata mismatch raises a transparency and trust concern.
Persistence & Privilege
The skill does not request persistent or elevated platform privileges (always:false). It is user-invocable and allows autonomous invocation by default, which is normal; there is no evidence it modifies other skills or system-wide settings.
What to consider before installing
The skill's instructions clearly use a Stitch API key (STITCH_API_KEY) to call https://stitch.googleapis.com/mcp, but the package metadata did not declare that credential — this mismatch is suspicious. Before installing: verify the publisher/source (is this really an official Google skill?), confirm you obtained the API key from the official Stitch site, and avoid supplying a broad or production API key. Prefer a scoped or test key, restrict allowed origins/referrers if possible, and avoid putting sensitive PII in generation prompts or responses. If you can't verify the publisher or why the metadata omits the required env var, treat the skill as untrusted.


latest: vk97b394awagrx882rfqf4kqs8983mc86
