The Agent Skills Directory

[COMMAND_EXECUTION]: The skill exposes tools to launch Node.js processes with debugging parameters such as '--inspect-brk' and to evaluate arbitrary JavaScript code within the context of the debugged application.
[EXTERNAL_DOWNLOADS]: Recommends installation of the 'devtools-debugger-mcp' package from the npm registry, which is the official implementation provided by the author.
[PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it ingests untrusted data from the debugged process. 1. Ingestion points: The 'read_console', 'inspect_scopes', and 'evaluate_expression' tools read output and variable states from the external process (SKILL.md). 2. Boundary markers: The documentation does not specify the use of delimiters or 'ignore instructions' markers when the agent processes this data. 3. Capability inventory: The skill possesses powerful capabilities including process spawning and dynamic code execution. 4. Sanitization: No explicit sanitization or filtering of the ingested data is described in the skill instructions.
[SAFE]: No obfuscation, hardcoded credentials, or unauthorized data exfiltration patterns were found. The skill operates using standard protocols and follows vendor-resource patterns consistent with the author's identity.

devtools-debugger-mcp-nodejs