Playwright downloads and installs browsers without verifying the authenticity of the SSL certificate
Use of curl with the -k (or –insecure) flag in installer scripts allows attackers to deliver arbitrary executables via Man-in-the-Middle (MitM) attacks. This can lead to full system compromise, as the downloaded files are installed as privileged applications.