tampermonkey
Fail
Audited by Snyk on Feb 21, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). The skill content is a comprehensive Tampermonkey userscript guide that documents multiple powerful, dual‑use APIs and includes examples and header patterns that can be directly abused for data exfiltration, credential/session theft, remote code injection, CSP bypass, and request interception — representing a high abuse risk if used maliciously.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md and its reference files (notably references/http-requests.md and the header/resource examples) explicitly require and demonstrate using GM_xmlhttpRequest, @require/@resource, GM_getResourceText, GM_addElement and @connect (including wildcards) to fetch and inject content from arbitrary external websites, so the agent would be ingesting and acting on untrusted public third‑party web content that can materially change script behavior.