playwright-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly navigates to and automates arbitrary external URLs (SKILL.md: "ask for URL if testing external site" and numerous examples and run.js/wrapped scripts using page.goto with user-provided TARGET_URL), and its helpers extract text, follow links, dismiss cookie banners, and act on page content—so untrusted third-party web content can be ingested and influence automation decisions.