Skills
skills/224-industries/webflow-skills/webflow-enterprise-api/Gen Agent Trust Hub

webflow-enterprise-api

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The script scripts/search_references.py reads local markdown files from the references/ directory. It includes a path validation check (_validate_refs_dir) using Path.resolve() to ensure that file access is restricted to the skill's root directory, preventing directory traversal attacks.
  • [PROMPT_INJECTION]: The script scripts/search_references.py contains a sanitization function sanitize_body that uses a regular expression to filter out common prompt injection patterns (e.g., 'ignore previous', 'system:', '') from reference content before it is displayed to the agent. This serves as a defensive measure against indirect prompt injection if reference files were to be modified by an untrusted party.
  • [COMMAND_EXECUTION]: The provided Python script uses standard libraries and does not invoke external shell commands or perform unsafe dynamic code execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 23, 2026, 11:57 PM