Skills
skills/giarld/skills/chrome-devtools/Gen Agent Trust Hub

chrome-devtools

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's configuration and documentation specify downloading the chrome-devtools-mcp package from the npm registry using the npx utility.
  • [COMMAND_EXECUTION]: The skill uses npx to execute the MCP server and provides a tool, evaluate_script, which allows for the execution of arbitrary JavaScript within the context of a web page.
  • [DATA_EXFILTRATION]: The skill includes tools to capture screenshots, page snapshots, and network request logs, which involve reading potentially sensitive data from the browser environment.
  • [PROMPT_INJECTION]: The skill processes content from external websites, creating a surface for indirect prompt injection where instructions embedded in a web page could target the agent's browser control capabilities.
  • Ingestion points: External web content retrieved via navigate_page and new_page (SKILL.md).
  • Boundary markers: No explicit delimiters or instructions to ignore embedded directives are defined for the processed web data.
  • Capability inventory: File system access for saving traces/snapshots, network monitoring, and browser script execution (evaluate_script) (SKILL.md).
  • Sanitization: No content filtering or validation of the external page data is described in the provided files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 06:53 AM
Security Audit — agent-trust-hub — chrome-devtools