chrome-cdp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly navigates to and inspects arbitrary HTTP/HTTPS webpages (see "nav " in SKILL.md and the navStr/htmlStr/evalStr/evalraw/loadAllStr implementations in scripts/cdp.mjs), returning page HTML, JS-evaluated results, network entries and allowing clicks/typing—i.e., it fetches and interprets untrusted public web content that can influence subsequent actions.