Security: Documentation links to metrobankonline.co.uk (commit a30657c)

[coner0013]

Summary:
The documentation commit a30657c (a30657c) changed an example/demo site in the login crawler guide from demoqa.com to metrobankonline.co.uk.

Affected file:

• website/versioned_docs/version-1.7/guides/crawler_login.mdx
  • Changed line: For this guide, we'll use metrobankonline.co.uk, a testing site designed for automation practice that provides a login form and protected content.

Why this is urgent / security impact:

• metrobankonline.co.uk appears to be a real banking website, not an automation/testing sandbox. Documenting it as a "testing site" is misleading and dangerous.
• Users following the example may run automated login and scraping code against a real financial institution, which can:
  • Trigger security/fraud systems and lead to account lockouts or IP blocks
  • Be illegal (unauthorized access, credential stuffing, other fraud) and expose the project and users to legal liability
  • Risk data exposure or attempted scraping of real customer data
  • Cause operational impact (denial-of-service-like traffic) if executed at scale

Recommended immediate actions:

1. Revert commit a30657c immediately to restore the original demo site (demoqa.com) in the documentation.
2. Temporarily remove the published documentation page (versioned docs) until the change is reverted and reviewed.
3. Audit recent commits from the author (coner0013) and any related commits on the same day for other suspicious changes.
4. Review repository write access and CI to ensure this was not the result of an account compromise or malicious actor.
5. Consider contacting the author via GitHub and the team (maintainers) to get context; if this was accidental, we can document the mistake and restore the docs.
6. If you treat this as a security incident, follow the project's incident response process and notify the security/contact channels.

Notes:

[vdusek]

Commit a30657c is part of your fork, not our codebase.

[coner0013]

So?