mcp-playwright

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's core tools (e.g., mcp__playwright__browser_navigate and mcp__playwright__browser_snapshot along with browser_evaluate) explicitly navigate to arbitrary URLs and capture/interpret page content (accessibility trees, DOM, console/network messages), meaning untrusted public web pages can be ingested and influence subsequent actions.