addfox-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's docs (see rules/content-ui.md and rules/entry.md with content script examples and matches like '<all_urls>' and 'https://www.youtube.com/*', plus rules/messaging.md describing window.postMessage from page scripts) show content scripts will run in and read/interact with arbitrary third‑party web pages, allowing untrusted page content to influence extension behavior.