Playwright Browser Automation

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill includes examples that hardcode credentials into generated test scripts (e.g., 'password123') and shows passing header/token values via inline env/command lines, which encourages the agent to emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill actively navigates and scrapes arbitrary web pages (e.g., page.goto(TARGET_URL) in SKILL.md examples and the broken-links script that issues page.request.head(href)), accepts user-provided URLs, and exposes helpers like extractTableData/handleCookieBanner in lib/helpers.js so the agent will read and interpret untrusted public web content.