moai-platform-chrome-extension

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs content scripts to read and extract DOM from arbitrary web pages (modules/content-scripts-guide.md extractPageData) and shows the service worker fetching/parsing external URLs and APIs (modules/messaging-patterns.handleFetchData and modules/service-worker-patterns.parseHTML/offscreen), which means it consumes untrusted, public third‑party content as part of its workflow.