ui-test

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill records user-entered inputs (e.g., "type ...") and exports them verbatim into generated Playwright scripts/commands, so any API keys, passwords, or other secrets typed by the user would be embedded in output and exposed.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly navigates to and snapshots arbitrary test URLs provided by the user (see SKILL.md "Agent Execution Flow" step 3 and the scripts/ui-test.js use of page.goto / browser action=snapshot and act), so the agent fetches and interprets untrusted third‑party web pages whose content can influence selectors, actions, and next steps.