Frontend Testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's test runners and scripts (e.g., scripts/run-performance-tests.sh which accepts a [url] parameter and Playwright tests that use page.goto with process.env.BASE_URL or a provided URL) will navigate to and evaluate arbitrary web pages (DOM, run axe/playwright-lighthouse, page.evaluate), so untrusted/public third-party content can be fetched and directly influence test actions and pass/fail decisions.