playwright-browser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly navigates to arbitrary target URLs and performs web scraping/content extraction (see "Positive Triggers" — "Web scraping / content extraction" — and the "Usage Pattern" step "browser_navigate to target URL" plus tools like browser_evaluate/browser_click), so it fetches and interprets untrusted public web content that can influence subsequent actions.