The skill permits arbitrary JavaScript injection into live websites, enabling
Claims to do
Custom Code Management: Add, review, and manage inline custom scripts on a Webflow site — analytics, tracking pixels, chat widgets, or any custom JavaScript.
Actually does
This skill interacts with Webflow's platform using `webflow_guide_tool`, `data_sites_tool`, and `data_scripts_tool`. It lists available Webflow sites, retrieves and displays registered and applied scripts, adds new inline site-level or page-level scripts, updates page-level scripts, and deletes all site-level or page-level scripts. All operations are performed through these Webflow-specific tools.
The skill allows adding or updating arbitrary JavaScript (`sourceCode`) to a live website via `add_inline_site_script` and `upsert_page_script`. This enables client-side code execution, which can be exploited for data exfiltration, defacement, credential harvesting, or embedding malicious content for website visitors.
`add_inline_site_script` with `sourceCode`, `upsert_page_script` with `sourceCode`
The skill provides actions to `delete_all_site_scripts` and `delete_all_page_scripts`, which can remove all custom code from an entire website or a specific page. This is a high-impact destructive capability that could lead to significant disruption.
`delete_all_site_scripts`, `delete_all_page_scripts`
While explicit user confirmation (e.g., typing 'add' or 'update') is required for code changes, the human overseer is responsible for reviewing potentially complex or obfuscated JavaScript. This creates a risk of approval fatigue or social engineering if malicious code is presented subtly.
Before any mutation, present the plan and require explicit confirmation:
- Adding scripts: user must type **"add"**