webflow-automation
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it includes tools to ingest external web data (e.g.,
WEBFLOW_GET_PAGE_DOM) alongside capabilities to modify site content (e.g.,WEBFLOW_CREATE_COLLECTION_ITEM,WEBFLOW_PUBLISH_SITE). This is a theoretical risk where malicious content on a target website could attempt to influence agent behavior. However, the risk is mitigated by instructions advising the agent to seek user confirmation before performing production actions. - Ingestion points: Web content via
WEBFLOW_GET_PAGE_DOM(SKILL.md). - Boundary markers: None specified.
- Capability inventory: CMS item management and site publishing tools (SKILL.md).
- Sanitization: Not specified.
- [EXTERNAL_DOWNLOADS]: The skill requires a connection to an external MCP server at
https://rube.app/mcpto access its automated toolset.
Audit Metadata