chrome-extensions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's prompt-api example (references/extensions/prompt-api.md — sidepanel/sidepanel.js) explicitly scripts and extracts arbitrary web page text via chrome.scripting.executeScript and feeds it into LanguageModel.promptStreaming, meaning the agent ingests untrusted public webpage content (third‑party/user-generated) as input that can influence model actions.