Playwright Network Interceptor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly states the agent uses Playwright to browse and intercept arbitrary web traffic (page.route handlers, HAR recording, and WebSocket interception) to capture and modify API responses and other content from public websites, which are untrusted third-party sources that could carry indirect prompt-injection instructions.