playwright-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill executes Playwright against user-provided or auto-detected site URLs (e.g., the many page.goto(TARGET_URL) examples and the "check for broken links" snippet that calls page.request.head on http links), so it fetches and parses arbitrary public/web content and could expose the agent to untrusted, user-generated third‑party content.