moai-playwright-webapp-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches live, external documentation from Context7 via calls like context7.get_library_docs (library id "/microsoft/playwright") and also instructs agents to navigate to and scrape arbitrary target webapps (e.g., webapp_url, page.goto + page.locator usage) — untrusted third-party content that the AI ingests and uses to generate tests and drive actions, so it can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill makes runtime calls to Context7 to fetch library docs (e.g., context7.get_library_docs with context7_library_id="/microsoft/playwright"), and that fetched content is directly used to drive AI test generation and agent instructions, so the external Context7 library "/microsoft/playwright" is a required runtime dependency that can control prompts.