webflow-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. It retrieves untrusted data from Webflow sites and can execute potentially destructive actions.
- Ingestion points: Data is ingested through
WEBFLOW_GET_PAGE_DOM,WEBFLOW_LIST_COLLECTION_ITEMS, andWEBFLOW_LIST_ORDERS. - Boundary markers: The skill lacks instructions to delimit external content or treat it as untrusted.
- Capability inventory: Significant capabilities include
WEBFLOW_CREATE_COLLECTION_ITEM,WEBFLOW_DELETE_COLLECTION_ITEM, andWEBFLOW_PUBLISH_SITE. - Sanitization: No evidence of data sanitization or validation before processing was found.
- [EXTERNAL_DOWNLOADS]: The skill directs the user to add an external MCP server endpoint
https://rube.app/mcpfor its functionality.
Audit Metadata