wix-manage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's recipes explicitly ingest external, user-supplied URLs (e.g., references/blog/how-to-create-blog-posts.md Part 1: "Import External Images to Wix" and references/stores/create-product-from-image.md) and even run LLM analysis on uploaded images to generate product names/descriptions, so untrusted third‑party content is fetched and used to drive API actions (product creation), enabling indirect prompt injection.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill includes explicit payment-related APIs and operations: "Create Payment Links", "Payment Links for Bookings", and "How to Setup Wix Payments" (business verification, bank account setup, payment method configuration). It also exposes site-level payment settings (change payment currency). These are specific payment gateway / payment-collection functions (i.e., explicitly designed to create payment requests and configure payment providers), which meet the Direct Financial Execution criteria.