webflow-automation
Warn
Audited by Socket on Jun 24, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the capability set matches Webflow automation, but the skill relies on a deprecated third-party MCP endpoint and routes Webflow access through an intermediary rather than direct official APIs. This looks more like outdated third-party guidance than confirmed malware, but the proxy data flow and production-impact actions make it medium risk.
Confidence: 84%Severity: 58%
Audit Metadata