playwright

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that pass plaintext credentials (e.g., --field "password=secret123") and shows embedding literal passwords into commands/scripts, which would require the LLM to include secret values verbatim in generated output and thus is insecure.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts (e.g., navigate.py, evaluate.py, screenshot.py, fill_form.py) and the SKILL.md "Navigate and Extract Content" / "Execute JavaScript" examples navigate to arbitrary URLs and scrape or evaluate page content (including executing page JS), which are untrusted public third‑party sources and can directly influence automation actions like form filling, navigation, evaluation results, and subsequent tool use.