Google Stitch Workflow

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Google Stitch workflow skill whose external-service and code-handoff steps are mostly disclosed and purpose-aligned.

Install this if you want structured Google Stitch MCP workflows and design-to-code handoff guidance. Before using it, decide which external services are allowed, keep API keys scoped, and require explicit approval before npm installs, GitHub pushes, cloud publishing, Shadcn/registry setup, or agent configuration changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 86%
Finding
This guidance materially broadens the skill from Stitch/MCP design-transfer workflows into direct codebase modification behavior, including dependency installation and architecture-specific file placement. In a security-sensitive agent setting, that scope expansion increases the chance the agent will make intrusive repository changes or execute package-management actions without explicit user authorization, which can lead to supply-chain exposure, unintended modifications, or workflow overreach.

Context-Inappropriate Capability

Medium
Confidence: 80%
Finding
Prescribing 'Push to GitHub' as a recommended workflow step exceeds a Stitch-focused skill and normalizes interaction with external code-hosting infrastructure. If followed automatically by an agent, this could cause unintended code publication, repository changes, or data exfiltration to remote services without a clearly scoped authorization boundary.

VirusTotal

65/65 vendors flagged this skill as clean.
