playwright
Warn
Audited by Snyk on May 14, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's runtime (SKILL.md workflow, examples like examples/link-checker.js, helpers.detectDevServers and lib/helpers.js functions such as extractTexts, extractTableData, handleCookieBanner, page.request.head, and run.js which executes inline code) navigates to and fetches arbitrary web pages and external links (including user-provided URLs and pages discovered on visited sites), so untrusted public content is read and acted on as part of normal automation flows.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata