Playwright Test Recorder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly describes using Playwright browser contexts for "web testing, scraping, login automation, and UI validation," i.e., fetching and interacting with external websites and pages (public/untrusted content) which the agent is expected to read and summarize/act on, creating a clear vector for indirect prompt injection.