chrome-extension-architect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's templates explicitly show the extension fetching and parsing external web content (e.g., references/templates/README.md Template 4 fetch('https://api.example.com/data') and Template 8 offscreen DOM_SCRAPING that parses arbitrary HTML), so the agent would ingest untrusted third‑party content as part of its workflow and that content could influence behavior.