clerk-chrome-extension-patterns

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes an explicit curl example that requires embedding a secret API key in an Authorization header (command-line), which would force an agent to handle/output the secret verbatim — a high-risk exfiltration pattern.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's docs and required workflows (references/content-scripts.md and references/headless-extension.md) explicitly register content scripts that are auto-injected on arbitrary host_permissions (e.g., "<all_urls>") and show runtime behavior that reads tab URLs/DOM and acts (injectUI, post page-visit, authenticated fetches), meaning the extension ingests and acts on untrusted third-party page content.