playwright-mcp
Warn
Audited by Snyk on May 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The SKILL.md Decision Flow and Workflow Boundaries explicitly instruct the agent to "Navigate directly to the page under test" using browser_navigate (and related browser_* tools), which means the skill will fetch and interpret arbitrary third-party web pages as part of its workflow and those pages could contain untrusted/user-generated instructions that affect subsequent actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata