Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/webflow-core-workflow-b/Gen Agent Trust Hub

webflow-core-workflow-b

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from external sources that are controlled by end-users (Webflow form submissions) or external actors (ecommerce order details).
  • Ingestion points: Data is ingested via webflow.forms.listSubmissions and webflow.orders.list within the SKILL.md file.
  • Boundary markers: Absent. The skill does not implement delimiters or specific instructions to the agent to disregard embedded commands in the retrieved data.
  • Capability inventory: The skill environment allows for Bash, Write, Edit, and Read operations, which could be exploited if the agent obeys instructions hidden in the ingested data.
  • Sanitization: Absent. The logic does not validate or sanitize the content of form fields or order metadata before presenting it to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 25, 2026, 04:41 PM