custom-code-management
Audited by Socket on Feb 15, 2026
1 alert found:
Obfuscated File

The document correctly describes a Webflow MCP management workflow for inline scripts and aligns conceptually with the provided tool actions. However, permitting arbitrary inline JavaScript with only minimal syntactic validation and providing a non-selective 'delete all' operation present substantial security risks: persistent script-based exfiltration, session/credential theft, trackers/cryptominers, and destructive mass deletion are realistic abuse scenarios. The fragment itself contains no explicit malicious code or obfuscation, but its capabilities make it high-risk in practice. Recommend adding strong operational controls: role-based authorization, explicit approval/audit workflow, static analysis or sandboxing of submitted JS, forced declaration/allowlisting of external endpoints, and safer deletion semantics (selective delete, versioning, or soft-delete).