game-qa

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Playwright MCP instructions (playwright-mcp.md in SKILL.md) explicitly instruct the agent to call browser_navigate to arbitrary URLs and to inspect third-party iframes (e.g., the Play.fun widget), which means the agent will browse and read untrusted public web content that can influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs running the command "claude mcp add playwright npx @playwright/mcp@latest", which uses npx to fetch and execute remote code for the Playwright MCP server at runtime (i.e., installs/executes remote package @playwright/mcp) and is required for the MCP-based agent browser tools, so it represents a runtime remote-code-execution dependency.