Playwright Browser Automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill runs Playwright against user-provided or discovered web URLs and explicitly navigates and scrapes pages (see page.goto(TARGET_URL) in the example scripts, the broken-links script that requests external hrefs, helpers.extractTexts/extractTableData/handleCookieBanner, and run.js which can execute inline code), so it ingests and interprets untrusted public web content from arbitrary URLs.