vitest-midscene-e2e

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly clones and uses a public GitHub boilerplate via scripts/clone-boilerplate.sh (https://github.com/web-infra-dev/midscene-example.git) and instructs downloading https://midscenejs.com/llms.txt as part of lookup, and the agent is required to read/compare and copy those third-party files as authoritative project state—which could let untrusted external content influence its actions.