webflow-automation

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it includes tools to ingest external web data (e.g., WEBFLOW_GET_PAGE_DOM) alongside capabilities to modify site content (e.g., WEBFLOW_CREATE_COLLECTION_ITEM, WEBFLOW_PUBLISH_SITE). This is a theoretical risk where malicious content on a target website could attempt to influence agent behavior. However, the risk is mitigated by instructions advising the agent to seek user confirmation before performing production actions.
  • Ingestion points: Web content via WEBFLOW_GET_PAGE_DOM (SKILL.md).
  • Boundary markers: None specified.
  • Capability inventory: CMS item management and site publishing tools (SKILL.md).
  • Sanitization: Not specified.
  • [EXTERNAL_DOWNLOADS]: The skill requires a connection to an external MCP server at https://rube.app/mcp to access its automated toolset.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 05:15 PM
Security Audit — agent-trust-hub — webflow-automation