web-perf
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and analyzes untrusted data from external websites.
- Ingestion points: Target website content and network data accessed via navigate_page and list_network_requests tools.
- Boundary markers: The instructions do not define specific delimiters or security headers to isolate external data from agent instructions.
- Capability inventory: The skill utilizes the chrome-devtools MCP tools for navigation, tracing, and network analysis. It does not possess arbitrary code execution or file writing capabilities.
- Sanitization: No explicit sanitization or validation of the external web data is implemented in the skill instructions.
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the chrome-devtools-mcp package from the NPM registry using the npx utility to enable required MCP tools.
- [COMMAND_EXECUTION]: Provides a command snippet for the user to include in their MCP configuration file, which involves the execution of the chrome-devtools-mcp tool through npx.
Audit Metadata