webperf

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow (step 3) requires using mcp__chrome-devtools__navigate_page to load arbitrary target URLs and then running/evaluating scripts in that page (mcp__chrome-devtools__evaluate_script and mcp__chrome-devtools__get_console_message), so the agent fetches and interprets untrusted public web content that can influence its analysis and actions.