fast-playwright

Fail

Audited by Snyk on Mar 7, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill's CLI tool calls require embedding form input values (e.g., browser_type and browser_batch_execute "text" fields) directly into generated JSON/command arguments, which forces an agent to include secrets (passwords/API keys) verbatim in its output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's core tools (e.g., browser_navigate and browser_inspect_html, shown in SKILL.md and invoked via the server's /call endpoint in scripts/server.js and client.js) allow the agent to navigate to arbitrary public URLs and extract their page content, meaning untrusted third-party webpages can be read and used to drive subsequent clicks/typing/actions.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 7, 2026, 06:59 PM