playwright-web-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly navigates to and scrapes arbitrary public websites (see SKILL.md core workflow using browser_navigate, browser_evaluate, browser_snapshot and monitoring via browser_console_messages/browser_network_requests) and validate_urls.py fetches robots.txt, so untrusted third-party page content is ingested and interpreted to drive extraction, rate‑limiting, and decision logic.