Security Audit
webflow-automation
github.com/sickn33/antigravity-awesome-skills
Trust Assessment
webflow-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 2 medium, and 0 low severity. The key findings are "Unpinned dependency in manifest" and "Potential data exfiltration via arbitrary file upload".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | **Unpinned dependency in manifest.** The skill manifest specifies a dependency on the 'rube' MCP without a version constraint. This allows any version of 'rube' to be used, which could introduce vulnerabilities if a future version contains malicious code or breaking changes, or if an incompatible version is loaded. Pin the 'rube' dependency to a specific, known-good version or a version range (e.g., `"rube": ["~1.0.0"]`) to ensure consistent and secure behavior. | LLM | SKILL.md:1 |
| MEDIUM | **Potential data exfiltration via arbitrary file upload.** The `WEBFLOW_UPLOAD_ASSET` tool allows uploading arbitrary base64-encoded file content to a Webflow site. If the host LLM has access to local file systems and can be prompted by a malicious user to read sensitive files (e.g., credentials, configuration files), it could then use this tool to exfiltrate that data by uploading it to a controlled Webflow site. While the skill itself does not instruct file reading, the presence of a general-purpose file upload tool creates a significant risk surface. Implement strict sandboxing for the LLM to prevent local file system access. Ensure the LLM is trained or guarded against providing sensitive local file content to upload tools. Consider adding user confirmation steps for any asset uploads, especially if the content is not explicitly provided by the user. | LLM | SKILL.md:199 |