webflow-migrate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow (Phase 1 and subsequent phases) explicitly instructs mirroring an arbitrary public site with wget (https:/// and cdn.prod.website-files.com) and then parsing/grep/sed/python-ingesting those downloaded HTML/assets to decide rewrites and downloads, so untrusted public site content is read and used to drive tool actions.