dev-tools-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The required runtime workflow uses Chrome DevTools MCP to read the target page’s DOM via take_snapshot/evaluate_script and console/network details; those page contents are outsider-authored (the website/app being debugged), so free text from that page can enter the LLM context indirectly through the snapshot/console/network payloads.