ux-gap-detector
Warn
Audited by Snyk on May 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly navigates to and interacts with a user-provided target URL using the user's real Chrome/profile via playwright-cli (Phase 0: "Navigate to target"; Phase 1: "browser_snapshot" to get the accessibility tree; Phase 2: interact with page refs), and then analyzes the live page screenshots and content (Phase 3). It therefore ingests and acts on arbitrary third-party web content from the provided URL.
Issues (1)
W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).