build-component

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's architecture and examples (references/architecture.md and the included src/anthropic_client.py and src/playwright_client.py examples) explicitly show navigating to arbitrary URLs with Playwright (playwright_client.navigate / get_content) and feeding scraped page HTML into an AI extractor (AnthropicClient.extract_data_from_html), which ingests untrusted public web content and uses the extracted results to drive component logic—creating a clear path for indirect prompt injection.