chrome-devtools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to navigate to arbitrary web pages (navigate_page/new_page) and use take_snapshot and evaluate_script to read and interact with page content, which means it ingests untrusted public third‑party web content that can drive subsequent actions.