Playwright PDF Export Automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill’s SKILL.md explicitly states it navigates to "any web URL" using page.goto() to render and capture external pages (Overview), which clearly fetches untrusted public web content as part of runtime behavior and could let page content influence tool actions (e.g., waits/retries and rendering) enabling indirect prompt injection.