chrome-extension-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's content scripts (e.g., content/main.ts, content/gdocs.ts, content/overleaf.ts) explicitly extract and send page text from third‑party public sites (Google Docs, Overleaf, arbitrary matched URLs) into the extension runtime, exposing the agent to untrusted, user-generated web content that could carry indirect prompt injections.