site-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests pages and CMS collection items from Webflow via the required MCP calls (data_pages_tool list_pages, data_cms_tool get_collection_list/get_collection_details/list_collection_items) and then reads and analyzes that user-generated site content to drive scoring, recommendations, and exports, so untrusted third-party content could indirectly inject instructions into the agent's decision flow.