troubleshooting
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill attempts to locate and read various workspace configuration files (e.g.,
.mcp.json,.claude/settings.json,.gemini/settings.json) to identify misconfigured arguments or missing environment variables. This file access is restricted to the primary troubleshooting purpose of the skill. - [EXTERNAL_DOWNLOADS]: Fetches troubleshooting guidelines and known issues from the official
ChromeDevTools/chrome-devtools-mcpGitHub repository. This is documented neutrally as it targets a well-known service's official documentation. - [COMMAND_EXECUTION]: Executes diagnostic commands such as
npx chrome-devtools-mcp@latestandgh issue listto verify the environment and search for existing bug reports. These tools are standard for the developer use-case intended by the skill. - [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by ingesting external data from GitHub issues and documentation.
- Ingestion points: Fetches content from Step 3 (troubleshooting documentation) and Step 6 (GitHub issue list).
- Boundary markers: Absent; external content is processed without explicit delimiters or warnings to ignore embedded instructions.
- Capability inventory: The agent has capabilities to execute shell commands (
npx,gh) and read local workspace files. - Sanitization: No sanitization or validation of the remote GitHub content is performed before processing.
Audit Metadata