go-playwright

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs use for "scrape" and "automate" of websites (SKILL.md "When to Use This Skill") and its implementation playbook contains runtime browser actions (e.g., page.Goto, locator clicks, HumanClick) that fetch and interpret arbitrary public webpages, exposing the agent to untrusted third-party content.