browsing-with-playwright

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's examples and commands require embedding form field values (e.g., "password123") into JSON parameters sent to the Playwright MCP, so an agent would need to output plaintext secrets verbatim in its generated requests/commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill uses a Playwright MCP browser to navigate arbitrary URLs and extract page content (see browser_navigate, browser_snapshot, browser_run_code in references/playwright-tools.md and the mcp-client.py examples), which clearly ingests untrusted public web content that the agent is expected to read and interpret.