chrome-extension

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow shows content scripts and a three-layer bridge that ingest arbitrary web page content (references/content-scripts.md "Communication between worlds" and references/messaging-rpc.md "Full three-layer bridge: page ↔ content script ↔ service worker"), where page-provided data/messages (from untrusted public pages) are relayed to the service worker/RPC handlers (e.g., fetch.relay) and used to drive privileged actions, so untrusted third-party content can materially influence agent behavior.