playwright-test-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly navigates the target web app and ingests DOM snapshots, accessibility-tree dumps, console messages, and network responses from the application's pages during Step 3 (Browser Exploration) and Step 6 (e2e-reviewer/YAGNI Audit), which are untrusted third-party/user-controlled contents that the agent uses to choose selectors, design scenarios, and drive subsequent actions.