develop-component

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's architecture and examples (see references/architecture.md and the provided anthropic_client.py and playwright_client.py snippets) explicitly show navigating to arbitrary URLs with Playwright, ingesting page HTML, and sending that untrusted public web content to an AI extractor, so third‑party webpages can be read and drive component behavior.