webflow-incident-runbook

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required triage workflow and scripts explicitly fetch and parse public Webflow endpoints (e.g., https://status.webflow.com/api/v2/status.json and https://api.webflow.com/v2/sites) and the decision tree uses those external responses to drive actions like activating fallbacks or restarting services, so untrusted third-party content can materially influence agent behavior.