serp-video-tools

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). This extension manifest and documentation request broad, high-risk permissions (cookies, webRequest, debugger, scripting, declarativeNetRequestWithHostAccess, host_permissions="all sites") and even explicitly says it "extracts ... authentication details" — capabilities that enable deliberate credential theft and covert data exfiltration if abused.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly grants host_permissions to access all websites and lists permissions like scripting, webRequest, debugger, and cookies while describing that it extracts video stream data, transcripts/captions, manifests and page content from the pages the user opens, so it ingests untrusted public web content (e.g., captions/manifests on arbitrary sites) that can influence which streams/actions the extension takes.