site-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and analyzes user-generated Webflow site content (e.g., pages via data_pages_tool list_pages and CMS items via data_cms_tool list_collection_items and get_site), so it ingests third-party site content that could contain injected instructions.