playwright-visual-testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill includes workflows and examples that embed plaintext credentials (e.g., browser_fill_form with password values and an authentication step that fills credentials), which would require an agent to accept and emit secret values verbatim in action parameters—an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to navigate to arbitrary public URLs (browser_navigate) and to capture and interpret page content (browser_snapshot, browser_take_screenshot, browser_evaluate, browser_network_requests, browser_console_messages), so it clearly ingests untrusted third‑party/web content (e.g., example.com, storybook.example.com) that could enable indirect prompt injection.