webflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to fetch and list CMS collection items (e.g., /v2/collections//items), assets, and public form submissions (/v2/forms//submissions), which are untrusted/user-generated third-party content the agent is expected to read and could influence subsequent CRUD/publish actions.