frontend-ux-qa-pro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to navigate to arbitrary target URLs and run page-evaluation scripts (e.g., "browser_navigate" and "browser_evaluate" in the "Playwright MCP Testing Commands" and automated detection scripts), meaning it fetches and interprets untrusted public web page content as part of its workflow.