playwright-scraper-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md, examples/README.md and scripts/playwright-simple.js / scripts/playwright-stealth.js) instructs the agent to navigate to arbitrary public URLs (e.g., https://m.discuss.com.hk/#hot), evaluate page DOM/text, extract links and content, and adjust behavior (wait, retry, cloudflare handling), so it clearly ingests untrusted, user-generated third‑party webpages that can influence subsequent actions.