playwright-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill auto-navigates to user-provided or auto-detected URLs (e.g., TARGET_URL used in numerous examples and page.goto calls) and explicitly scrapes/inspects external links (see the "Check for Broken Links" script that iterates hrefs and performs page.request.head), which means it fetches and reads arbitrary public/untrusted web content.