webflow-sdk-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's instructions explicitly fetch and process Webflow-hosted content (e.g., webflow.collections.items.listItems in "Pattern 3: Pagination Helper", webflow.sites.get and the raw fetch to https://api.webflow.com/v2/sites/${siteId} in "Pattern 4", and getValidatedSite) which ingests user-generated/third-party data from Webflow that the agent would read and could influence subsequent actions.