web-tests

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The skill's test-login example and general behavior write Playwright scripts that fill credentials directly (e.g., page.fill(..., "password123")) and would likely embed any user-provided login secrets verbatim into generated scripts/commands, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly visits and scrapes arbitrary web pages supplied via TARGET_URL or inline code: see run.js inline execution, scripts such as test-broken-links.js (which follows 'a[href^="http"]' links and uses page.request.head), and helpers like extractTexts/extractTableData that read the page DOM. It therefore ingests untrusted public web content that could contain indirect prompt-injection payloads.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 16, 2026, 03:58 AM