webflow-browser-api
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill includes a defensive script
scripts/search_references.pythat utilizes asanitize_bodyfunction. This function proactively filters out common prompt injection patterns (e.g., 'ignore previous', 'you must') from reference files before the content is presented to the agent. - [DATA_EXFILTRATION]: The Python utility implements a path traversal guard in the
_validate_refs_dirfunction. This ensures that file access is strictly confined to the skill's root directory, preventing unauthorized access to the host file system. - [COMMAND_EXECUTION]: All provided scripts use standard Python libraries for file parsing and regex operations. No usage of dangerous functions such as
eval(),exec(), orsubprocesswas detected. - [SAFE]: The documentation and code samples align with the stated purpose of managing Webflow Analyze and Optimize settings. No malicious obfuscation, hidden persistence mechanisms, or unauthorized data access patterns were identified.
Audit Metadata