diff --git a/apps/browser-extension/entrypoints/content/chatgpt.ts b/apps/browser-extension/entrypoints/content/chatgpt.ts
index 73e0354f1..af474ff17 100644
--- a/apps/browser-extension/entrypoints/content/chatgpt.ts
+++ b/apps/browser-extension/entrypoints/content/chatgpt.ts
@@ -653,7 +653,10 @@ function setupChatGPTPromptCapture() {
  promptTextarea &&
  !promptContent.includes("Supermemories of user")
  ) {
- promptTextarea.innerHTML = `${promptTextarea.innerHTML} ${storedMemories}`
+ // Fix: Use textContent to prevent XSS injection
+ const memoriesContainer = document.createElement('div')
+ memoriesContainer.textContent = storedMemories
+ promptTextarea.appendChild(memoriesContainer)
  promptContent = promptTextarea.textContent || ""
  }
diff --git a/apps/browser-extension/entrypoints/content/claude.ts b/apps/browser-extension/entrypoints/content/claude.ts
index e0853d413..c309661bf 100644
--- a/apps/browser-extension/entrypoints/content/claude.ts
+++ b/apps/browser-extension/entrypoints/content/claude.ts
@@ -511,7 +511,10 @@ function setupClaudePromptCapture() {
  contentEditableDiv &&
  !promptContent.includes("Supermemories of user")
  ) {
- contentEditableDiv.innerHTML = `${contentEditableDiv.innerHTML} ${storedMemories}`
+ // Fix: Use textContent to prevent XSS injection
+ const memoriesContainer = document.createElement('div')
+ memoriesContainer.textContent = storedMemories
+ contentEditableDiv.appendChild(memoriesContainer)
  promptContent = contentEditableDiv.textContent || contentEditableDiv.innerText || ""
  }
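Review bot: In the chatgpt.ts hunk, `memoriesContainer.textContent = storedMemories` closes the HTML sink but assumes `storedMemories` is plain text, and its construction is outside the hunk; if it was ever assembled as an HTML fragment, the tags will now appear literally in the prompt, so confirm that at the source. The added comment records the fix rather than the rule a later editor must keep, and I would replace it with `// storedMemories is untrusted: insert as text only, never via innerHTML`. The same applies to the identical change in claude.ts. Escaping at this sink also does nothing about the content itself, which is still appended verbatim to what the user submits to the model, so any filtering of stored memories has to happen where they are saved or retrieved. `setupChatGPTPromptCapture` begins and ends outside the hunk.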
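Review bot: The four lines added in the claude.ts hunk duplicate the ones added in chatgpt.ts apart from the target element, so the safe-insertion rule now lives in two places and a later edit could reintroduce `innerHTML` in one of them unnoticed. A shared helper taking the target element and the text would keep the sink in one reviewed spot, with each call site reduced to a line such as `appendMemoriesAsText(contentEditableDiv, storedMemories)`. The added lines also use `'div'` with single quotes while the surrounding context uses double quotes, and the sketch below follows the context. `setupClaudePromptCapture` begins and ends outside the hunk.

```typescript
/** Appends untrusted memory text to a prompt element as a text node, never as markup. */
function appendMemoriesAsText(target: HTMLElement, memories: string): void {
	const container = document.createElement("div")
	// textContent keeps any markup in `memories` inert
	container.textContent = memories
	target.appendChild(container)
}
```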