chrome-devtools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly directs the agent to navigate to and operate on web pages (e.g., "navigate_page" / "new_page", "take_snapshot", "evaluate_script" and "tools operate on the currently selected page"), which means the agent will fetch and interpret arbitrary/untrusted public web content that can influence subsequent interactions and tool use.