pst-explore

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires capturing and writing every observed element value (including "Value entered" and "value after fill") into insights.md and running evals that extract element values, so any API keys/passwords or other secrets present in the test steps or page would be output verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow ("Open the browser" and "Execute each step") explicitly instructs navigating, snapshotting, and running evals against live public web pages (e.g., example navigate to https://www.goodreads.com and multiple playwright-cli eval commands), so it ingests and acts on untrusted third‑party page content that can influence subsequent actions.