playwright-browser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill directly navigates to and scrapes arbitrary external URLs (e.g., page.goto(url) in capture_screenshot, extract_page_content, capture_multiple_pages, and capture_for_cro_analysis) and extracts page text/metadata/screenshots, which ingests untrusted public web content that could contain indirect prompt injection.