The Agent Skills Directory

[SAFE]: The skill interacts with the official Webflow REST API v2 at api.webflow.com. This is a well-known service and the usage is consistent with the skill's stated purpose.\n- [SAFE]: Authentication is performed using the WEBFLOW_TOKEN environment variable, which is a standard and secure method for managing secrets within this environment.\n- [COMMAND_EXECUTION]: The skill uses curl to make API calls and jq to parse the resulting JSON data, which are standard utilities for these tasks.\n- [PROMPT_INJECTION]: The skill ingests data from external sources, which creates a potential surface for indirect prompt injection.\n
Ingestion points: Data from Webflow CMS collections and form submissions is retrieved using curl in SKILL.md.\n
Boundary markers: No explicit delimiters or instructions are used to distinguish external data from internal logic.\n
Capability inventory: The skill has capabilities to perform network requests (curl) and write files to the /tmp/ directory.\n
Sanitization: There is no evidence of validation or escaping for the data retrieved from the external API.

webflow