playwright

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and example scripts (e.g., examples/link-checker.js and API_REFERENCE.md) explicitly navigate to and scrape arbitrary HTTP(S) links and webpages (and run.js allows executing inline scripts that call page.goto on arbitrary URLs), so the agent will fetch and interpret untrusted, user-provided or third‑party web content as part of its workflow.