browser-extension-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes content scripts (e.g., a manifest with "matches": ["<all_urls>"] and code that reads document.querySelector(...).textContent) which ingest and interpret arbitrary web page content from public sites, exposing the agent to untrusted third-party content.