Playwright Accessibility Audit Runner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly states the runner "crawls target sites and evaluates each page" and injects @axe-core/playwright into each page context (including iframe content), so it fetches and interprets arbitrary public web pages whose untrusted content can influence audit outputs and remediation actions.