diff --git a/src/service/extension-script.js b/src/service/extension-script.js
index 45bfbb304fe4..bb8312105625 100644
--- a/src/service/extension-script.js
+++ b/src/service/extension-script.js
@@ -154,8 +154,27 @@ export function createExtensionScript(win, extensionId, version) {
 extensionId,
 version,
 getMode(win).localDev
- );
- scriptElement.src = scriptSrc;
+ );
+
+ if (self.trustedTypes && self.trustedTypes.createPolicy) {
+ const policy = self.trustedTypes.createPolicy(
+ 'extension-script#createExtensionScript',
+ {
+ createScriptURL: function (url) {
+ // Only allow trusted URLs
+ const urlObject = new URL(url);
+ if (urlObject.host === 'cdn.ampproject.org') {
+ return url;
+ } else {
+ return '';
+ }
+ },
+ }
+ );
+ scriptElement.src = policy.createScriptURL(scriptSrc);
+ } else {
+ scriptElement.src = scriptSrc;
+ }
 return scriptElement;
 }
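Review bot: `createPolicy` runs on every call to `createExtensionScript`, so the second extension load registers the name 'extension-script#createExtensionScript' again; when the page's CSP carries a `trusted-types` directive without 'allow-duplicates', that second call throws a TypeError and no script element is returned. Create the policy once and reuse it, as in the excerpt below. The `createScriptURL` callback compares only `host`, so an `http:` URL on the same host passes, and a rejected URL becomes `''`, which leaves the script unloaded without any error; the excerpt also checks the protocol and throws so a rejection is visible. The hunk still passes `getMode(win).localDev` into the URL computation, so local-dev or self-hosted script origins presumably exist and would be rejected by this single-host allowlist; confirm how those are meant to load. The body of `createExtensionScript` starts outside the hunk.

```javascript
// Created lazily and cached: registering the same policy name twice throws
// under a `trusted-types` CSP that does not list 'allow-duplicates'.
let extensionScriptPolicy = null;

function getExtensionScriptPolicy() {
  if (!extensionScriptPolicy) {
    extensionScriptPolicy = self.trustedTypes.createPolicy(
      'extension-script#createExtensionScript',
      {
        createScriptURL(url) {
          const {protocol, host} = new URL(url);
          if (protocol === 'https:' && host === 'cdn.ampproject.org') {
            return url;
          }
          // Fail loudly instead of handing back an empty script URL.
          throw new TypeError('Untrusted extension script URL');
        },
      }
    );
  }
  return extensionScriptPolicy;
}

// … unchanged: scriptSrc computation in createExtensionScript …
  if (self.trustedTypes && self.trustedTypes.createPolicy) {
    scriptElement.src = getExtensionScriptPolicy().createScriptURL(scriptSrc);
  } else {
    // … unchanged: plain assignment fallback …
```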