chrome-extension-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's rules and examples explicitly instruct injecting content scripts into arbitrary web pages and reading/interpreting page DOM, selections, and tab URLs (see references/comp-content-script-ui.md and the inject-*.md files that use window.getSelection(), document.querySelector(), chrome.tabs.query(), etc.), which ingests untrusted third-party page content that can influence UI/actions.