wxt-framework-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's content script examples (entrypoints/content.ts with matches and world: 'MAIN') and the manifest host_permissions show the extension is designed to run on and read web pages' content and page-provided messages (with background message handlers in entrypoints/background.ts), which are untrusted third-party web content that can influence runtime behavior.