
At a high level, imagine it like this:

The browser will only give access to the Yubikey token for a specific domain name - so if the attacker phishes for examle.org, rather than example.org, then there are just no tokens (signing keys) available that the Yubikey could use and give to the browser.

In the early days WebUSB in Chrome had bugs that allowed bypassing that same-origin check, but that was fixed 3 years ago.
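The origin binding the comment above describes can be seen end to end in a small simulation. This is an added example, not code from the thread or from Yubico: a toy authenticator that keeps one key per RP ID, a browser that derives the RP ID from the page origin and records that origin in clientDataJSON, and a relying party that checks the origin, the rpIdHash and the signature. HMAC stands in for the real asymmetric signature, and the RP ID is simplified to the page hostname (a real RP ID may be a registrable suffix); both are assumptions of the example. The names `ToyAuthenticator`, `Browser`, `RelyingParty`, `login_attempt` and `relayed_attempt` are invented here.

```python
import base64
import hashlib
import hmac
import json
import os
from urllib.parse import urlparse


def b64url(data: bytes) -> str:
    """Base64url without padding, as used for the challenge in clientDataJSON."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


class ToyAuthenticator:
    """Stand-in for the security key: one signing secret per RP ID.
    HMAC replaces the real per-credential asymmetric key pair (assumption of
    this example), so the relying party below holds the same secret where a
    real RP would hold the public key."""

    def __init__(self):
        self._keys = {}  # rp_id -> signing secret

    def make_credential(self, rp_id: str) -> bytes:
        self._keys[rp_id] = os.urandom(32)
        return self._keys[rp_id]

    def get_assertion(self, rp_id: str, client_data_hash: bytes):
        key = self._keys.get(rp_id)
        if key is None:
            return None  # nothing scoped to this RP ID: the browser gets no token
        # authenticatorData: rpIdHash || flags (UP set) || signCount
        auth_data = hashlib.sha256(rp_id.encode()).digest() + b"\x01" + b"\x00\x00\x00\x00"
        sig = hmac.new(key, auth_data + client_data_hash, hashlib.sha256).digest()
        return auth_data, sig


class Browser:
    """The browser scopes the request to the RP ID derived from the page origin
    and writes that origin into clientDataJSON, which the signature covers."""

    def __init__(self, authenticator: ToyAuthenticator):
        self.authenticator = authenticator

    def navigator_credentials_get(self, page_origin: str, challenge: bytes):
        rp_id = urlparse(page_origin).hostname  # simplified RP ID (assumption)
        client_data = json.dumps({
            "type": "webauthn.get",
            "challenge": b64url(challenge),
            "origin": page_origin,
        }).encode()
        result = self.authenticator.get_assertion(rp_id, hashlib.sha256(client_data).digest())
        if result is None:
            return None
        auth_data, sig = result
        return client_data, auth_data, sig


class RelyingParty:
    """Server side: every check here is one the real site must perform."""

    def __init__(self, origin: str):
        self.origin = origin
        self.rp_id = urlparse(origin).hostname
        self.key = None  # set at registration

    def verify(self, challenge: bytes, client_data: bytes, auth_data: bytes, sig: bytes) -> str:
        cd = json.loads(client_data)
        if cd.get("type") != "webauthn.get":
            return "bad_type"
        if cd.get("challenge") != b64url(challenge):
            return "bad_challenge"  # replayed or stale assertion
        if cd.get("origin") != self.origin:
            return "bad_origin"  # signed from a lookalike page
        if auth_data[:32] != hashlib.sha256(self.rp_id.encode()).digest():
            return "bad_rp_id_hash"
        expected = hmac.new(self.key, auth_data + hashlib.sha256(client_data).digest(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, sig):
            return "bad_signature"
        return "ok"


def login_attempt(page_origin: str) -> str:
    """User registered on example.org; a login challenge from example.org is
    answered from a page at page_origin."""
    auth = ToyAuthenticator()
    rp = RelyingParty("https://example.org")
    rp.key = auth.make_credential(rp.rp_id)
    challenge = os.urandom(32)
    result = Browser(auth).navigator_credentials_get(page_origin, challenge)
    if result is None:
        return "no_credential_for_origin"
    return rp.verify(challenge, *result)


def relayed_attempt() -> str:
    """Second layer: even if the key somehow held a credential for the lookalike
    domain, an assertion produced on examle.org and relayed to example.org
    carries the wrong origin and fails the server-side check."""
    auth = ToyAuthenticator()
    rp = RelyingParty("https://example.org")
    rp.key = auth.make_credential(rp.rp_id)
    auth.make_credential("examle.org")  # constructed: user also has a key there
    challenge = os.urandom(32)
    result = Browser(auth).navigator_credentials_get("https://examle.org", challenge)
    return rp.verify(challenge, *result)


if __name__ == "__main__":
    print(login_attempt("https://example.org"))   # ok
    print(login_attempt("https://examle.org"))    # no_credential_for_origin
    print(relayed_attempt())                      # bad_origin
```

The first outcome is the normal login; the second is the case the comment describes, where the browser finds no credential scoped to the lookalike domain and the authenticator never signs anything; the third shows why the relying party must still compare the origin in clientDataJSON against its own, independently of the browser's scoping.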



I've been using the browser's password manager as protection against phishing, as the password manager won't fill in passwords on the wrong site. So I guess it works in a similar way with the Yubikey? OK.


At a very, very high level, yes - but the reason you want to use tokens is that you get a second factor, you have better entropy, and the created tokens are time-based (a password is valid forever).



