chrome-devtools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly navigates to arbitrary URLs and inspects page content (e.g., navigate_page, take_snapshot/take_screenshot, list_console_messages, evaluate_script), so it will read and interpret untrusted public web pages and user-generated content, enabling indirect prompt injection.