e2e-tester

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill exposes the agent to untrusted public web content via its MCP browser tools—e.g., the "Navigate" action (playwright_navigate) and inspect actions like playwright_get_visible_html and playwright_console_logs—which fetch and cause the agent to read/interpret arbitrary URLs/DOM/console output.