browser-testing-with-devtools
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses specific injection keywords as examples of untrusted data the agent should ignore, effectively providing defensive instructions against malicious content.
- [EXTERNAL_DOWNLOADS]: The documentation recommends installing the @anthropic/chrome-devtools-mcp package via npx, which is a verified tool from a trusted organization.
- [DATA_EXFILTRATION]: Explicit guidelines are provided to prevent the agent from accessing credentials or exfiltrating browser data to external domains.
- [COMMAND_EXECUTION]: The skill describes the intended use of JavaScript execution for debugging, while imposing strict read-only constraints and requiring user confirmation for any mutations.
Audit Metadata