datalayer-analytics-playwright

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly instructs the agent to fetch and parse tracking specs from external URLs (Confluence, Notion, Google Docs or "any accessible URL") as part of creating tests (see "Spec Sources" and "Step 1: Get the Tracking Spec" in references/workflow.md and README), so it ingests untrusted third‑party content that directly influences test creation and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches tracking spec pages at runtime (e.g., via the Confluence REST endpoint "https://{domain}/wiki/rest/api/content/{pageId}?expand=body.storage" or example spec URL "https://wiki.example.com/pages/12345") and parses that remote content to drive generation of tests and assertions, so external content directly controls the agent's behavior.