browser-extension-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill includes content scripts that run on arbitrary web pages (see sub-skills/basic-content-script.md and manifest-v3-template.md with "matches": ["<all_urls>"]) and explicitly read/act on page DOM (document.querySelector, .textContent), so untrusted third‑party web content can be ingested and influence extension behavior.