Playwright Network HAR Recorder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly says the skill "captures and replays network traffic" using Playwright's recordHar/routeFromHAR APIs (recording request/response bodies from arbitrary URL patterns), which means it ingests untrusted third‑party HTTP content that the agent can read, modify, and replay as part of its workflow.