playwright-browser-navigate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly provides a browser_navigate tool that takes an arbitrary "url" argument and navigates the agent's Playwright browser to that open web address, which exposes the agent to untrusted public web content that could contain injectable instructions.