debugging-codeceptjs-tests

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The workflow ingests aiTrace output (e.g., output/trace_<TestName>_<hash>/trace.md and per-step *_page.html) into the agent via the “Read the trace” step, and those artifacts are derived from outsider-authored test code/page DOM (i.e., content produced by the application under test and/or other contributors’ tests), which the agent then reads as free text.