webflow-webhooks
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documentation follows security best practices, emphasizing the use of environment variables for secrets and timing-safe comparisons for signature verification.
- [PROMPT_INJECTION]: The scripts/search_references.py utility includes a proactive sanitization mechanism (sanitize_body) that uses regular expressions to filter out common prompt injection patterns from reference content before display.
- [DATA_EXFILTRATION]: The skill uses safe placeholders for all credentials and correctly identifies that secrets should never be hardcoded or requested directly from users.
- [REMOTE_CODE_EXECUTION]: No evidence of remote code execution or unsafe dependency management was found. Scripts are local and focus on search functionality with directory traversal protection.