chrome-devtools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly directs the agent to "Open or select the target page" (SKILL.md) and its reference docs list capabilities like navigate_page, list_console_messages, and list_network_requests (references/chrome-devtools.md), which means the agent will fetch and read arbitrary web pages and their console/network output—untrusted third-party content that can influence subsequent actions.