webperf-interaction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md workflow explicitly navigates to an arbitrary target URL using mcp__chrome-devtools__navigate_page and runs in-page snippets (e.g., Long-Animation-Frames-Script-Attribution.js and others) that read page performance entries and script sourceURLs to detect and classify third‑party scripts, and the decision tree uses those results to automatically trigger follow-up analyses and recommendations—so untrusted public web content can materially influence the agent's actions.