webflow-multi-env-setup

Warn

Audited by Snyk on Mar 25, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly calls the Webflow API to fetch site and collection data (e.g., webflow.sites.get in "Step 6: Environment Status Dashboard", webflow.collections.items.listItems in Step 4, and the CI curl to https://api.webflow.com/v2/sites/...), which ingests untrusted, user-generated third-party content from Webflow and uses that data to drive actions (reporting, publishing, and deleting items), creating a clear avenue for indirect prompt-injection influence.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 25, 2026, 04:46 PM
Issues: 1