playwright-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's trace viewer/CLI explicitly accepts and loads trace files from arbitrary URLs (e.g., "playwright show-trace https://example.com/trace.zip" and the runTraceInBrowser/show-trace handling in trace_system_guide.md), which causes the agent to fetch and parse untrusted third‑party content (trace/network resources) as part of its runtime workflow and could therefore influence subsequent tool behavior/decisions.