playwright-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's universal executor (run.js) and example scripts (e.g., "Check for Broken Links", inline execution examples, and the "ask for URL if no dev servers found" workflow) navigate to arbitrary or user-provided HTTP(S) URLs and extract text/screenshots/data with helpers like extractTexts/extractTableData, so it clearly fetches and interprets untrusted public web content.