webflow-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's runtime workflow (SKILL.md and the event handlers in references/event-types.md and the Processing Events code) accepts and parses Webflow webhook POST payloads (form submissions, comments, CMS items, orders) — untrusted, user-generated third‑party content — and routes/handles those payloads as part of its processing, so that content could materially influence subsequent actions.