playwright-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's automation explicitly navigates to and scrapes arbitrary web pages (e.g., page.goto(...) examples in SKILL.md and API_REFERENCE.md, the "Check for Broken Links" snippet that iterates a[href^="http"] and issues page.request.head(href), and run.js/inline execution which accepts user-supplied URLs), so it will fetch and read untrusted public third‑party content.