webflow
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@membranehq/clipackage via npm. This is a legitimate tool belonging to the skill vendor's ecosystem and is used for managing the integration. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI tool to perform various operations such as authentication, searching for actions, and executing API requests. These commands are part of the intended functionality for interacting with the Membrane platform. - [PROMPT_INJECTION]: The skill is subject to an indirect prompt injection surface as it retrieves and processes content from Webflow (e.g., site pages, CMS collections, and form data) which is controlled by external users.
- Ingestion points: Data is ingested into the agent context through the
membrane action runandmembrane requestcommands. - Boundary markers: There are no explicit markers or delimiters described to isolate external data from instructions.
- Capability inventory: The skill possesses the ability to execute CLI commands and perform network operations via the Membrane proxy.
- Sanitization: No specific sanitization or validation of the external Webflow data is documented within the skill instructions.
Audit Metadata