playwright-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly shows patterns for building web scrapers and extracting page content (e.g., "When to Use: Building web scrapers" and the "Data Extraction Patterns" using page.locator/evaluate/evaluateAll that read document.querySelectorAll and link hrefs), which means the agent would fetch and interpret arbitrary public web pages (untrusted third‑party content) as part of its workflow.