chrome-cdp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Flagged because the CLI/daemon explicitly navigates to and reads arbitrary web pages (see SKILL.md/USAGE and src/chrome_cdp/commands.py + src/chrome_cdp/daemon.py handling of "nav", "html", "snap", "eval", etc.), so the skill fetches untrusted public third‑party page content which the agent is expected to consume and that can directly influence subsequent actions (click/type/eval), enabling indirect prompt injection.