site-audit
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes several Webflow MCP tools including data_sites_tool, data_pages_tool, and data_cms_tool. These calls are used to perform structural audits and content inventories of Webflow sites, which is consistent with the skill's primary purpose.
- [PROMPT_INJECTION]: The skill processes untrusted data from external Webflow sites, creating a surface for indirect prompt injection.
- Ingestion points: Site metadata, page slugs, and CMS collection items retrieved via MCP tools.
- Boundary markers: No explicit markers are defined to distinguish content from instructions.
- Capability inventory: Read-only access to site structure and content with output formatting to Markdown, JSON, and CSV.
- Sanitization: None specified for the content retrieved from the Webflow API.
Audit Metadata