web-perf

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The workflow’s runtime path includes navigating to a user-supplied external URL (navigate_page(url: "<target-url>")) and then ingesting page-derived text/DOM/trace results into the LLM via the Chrome DevTools MCP tools (e.g., performance_start_trace + performance_analyze_insight, list_network_requests, take_snapshot), which can include outsider-authored free text from the target page.