Skills
skills/aradotso/devtools-skills/chrome-devtools-mcp-automation/Gen Agent Trust Hub

chrome-devtools-mcp-automation

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The configuration instructions specify fetching the chrome-devtools-mcp package from the NPM registry via the npx command.
  • [COMMAND_EXECUTION]: The skill provides shell command templates for the agent to start and manage the MCP server, including options for headless mode and custom Chrome paths.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it navigates to and evaluates content from external websites.
  • Ingestion points: The browser_navigate tool in SKILL.md allows the agent to ingest arbitrary content from any URL.
  • Boundary markers: Absent. There are no instructions to use delimiters or ignore instructions embedded in the retrieved web content.
  • Capability inventory: Tools documented in SKILL.md include browser_evaluate (JavaScript execution), browser_cookies (session data access), and browser_screenshot (file generation).
  • Sanitization: Absent. The skill does not implement validation or escaping of external content before processing it within the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 05:05 PM