Skip to main content

stitchflow

Transforms briefs and mockups into UI screens and Tailwind-friendly HTML, enhancing design workflows with natural language input.

Install this skill

or
0/100

Security score

The stitchflow skill was audited on Mar 19, 2026 and we found 8 security issues across 2 threat categories, including 6 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 19

Template literal with variable interpolation in command context

SourceSKILL.md
19It uses the local toolkit at `${STITCH_STARTER_ROOT:-$HOME/.agents/stitch-starter}` instead of a Stitch MCP tool.
high line 23

Template literal with variable interpolation in command context

SourceSKILL.md
23- Toolkit root: `${STITCH_STARTER_ROOT:-$HOME/.agents/stitch-starter}`
high line 24

Template literal with variable interpolation in command context

SourceSKILL.md
24- API key is expected in `${STITCH_STARTER_ROOT:-$HOME/.agents/stitch-starter}/.env`
high line 25

Template literal with variable interpolation in command context

SourceSKILL.md
25- Outputs are saved to `${STITCH_STARTER_ROOT:-$HOME/.agents/stitch-starter}/runs`
high line 26

Template literal with variable interpolation in command context

SourceSKILL.md
26- The latest single-screen result is tracked in `${STITCH_STARTER_ROOT:-$HOME/.agents/stitch-starter}/runs/latest-screen.json`
high line 96

Template literal with variable interpolation in command context

SourceSKILL.md
96- the output folder under `${STITCH_STARTER_ROOT:-$HOME/.agents/stitch-starter}/runs`
medium line 24

Access to .env file

SourceSKILL.md
24- API key is expected in `${STITCH_STARTER_ROOT:-$HOME/.agents/stitch-starter}/.env`
medium line 53

Access to .env file

SourceSKILL.md
537. Never print or expose `STITCH_API_KEY` or `.env` contents.
Scanned on Mar 19, 2026
View Security Dashboard
Installation guide →
GitHub Stars 1
Rate this skill
Categorydesign
UpdatedApril 10, 2026
codexclaude-codeopenclawgithub-copilotgemini-clidesigncross-platformux-designerproduct-designerfrontend-developerdesigndevelopment
yshishenya/stitchflow