skills/jeremylongshore/claude-code-plugins-plus-skills/webflow-migration-deep-dive/Gen Agent Trust Hub
webflow-migration-deep-dive
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from external APIs (WordPress) and local files (CSV), creating an indirect prompt injection surface.\n
- Ingestion points: External data is ingested via the
fetchWordPressPostsfunction using thefetchAPI andimportFromCSVusingreadFileSync.\n - Boundary markers: No specific boundary markers or 'ignore embedded instructions' directives are implemented to separate ingested data from the agent's internal logic.\n
- Capability inventory: The skill utilizes
Bash,Write,Edit, andReadtools, providing the agent with the ability to execute code and modify the filesystem based on processed data.\n - Sanitization: While the skill includes a
slugifyutility for URL paths, higher-risk fields liketitleandcontent(HTML) are mapped directly to the target system without filtering for potential malicious instructions.\n- [COMMAND_EXECUTION]: The skill instructions direct the agent to execute local scripts usingnpx tsx, which involves running TypeScript code within the shell environment via theBashtool.\n- [DATA_EXFILTRATION]: The skill performs network operations to fetch content from user-provided URLs (WordPress REST API) and interacts with the Webflow API using a sensitiveWEBFLOW_API_TOKENretrieved from the environment.
Audit Metadata