chrome-extension-ui

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's examples and guidance show content scripts and side-panel code that read from and inject into arbitrary web pages (e.g., references/comp-content-script-ui.md, inject-document-ready.md, inject-shadow-dom.md and panel-page-context.md, where code reads the window selection, DOM elements and tab.url). They also include fetching from external APIs (e.g., fetch('https://api.example.com/data') in feedback-loading-states.md). The skill therefore clearly consumes untrusted public web content that the agent would read and interpret at runtime.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 08:47 PM