wix-manage
Warn
Audited by Snyk on May 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill ingests external image URLs from user input (see references/blog/how-to-create-blog-posts.md Part 1) and the mandatory "Create Product from Image" flows (references/stores/create-product-from-image*.md) explicitly combine media upload with LLM analysis to generate product names/descriptions/prices, so untrusted third-party content can be read and materially influence the agent's actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill includes explicit payment-related APIs and actions: "Create Payment Links" (creates links to collect payments), "How to Setup Wix Payments" (configures payment provider, business verification, bank account setup, payment methods), "Payment Links for Bookings" and booking flows that "process payment via eCommerce checkout", and "Change Payment Currency". These are specific, built-in payment operations (creating payment requests and configuring payment/bank settings), not generic tooling, so the skill grants direct financial execution capability.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).