webmcp-dev-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it requires the agent to process data from external, untrusted web sources.
  • Ingestion points: The agent is directed to fetch live documentation from developer.chrome.com and gather community patterns via web searches (SKILL.md).
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the skill for processing external data.
  • Capability inventory: The agent has access to powerful tools including Bash, Write, Edit, Grep, and Glob, which could be misused if the agent obeys malicious instructions found in the fetched content (SKILL.md).
  • Sanitization: There is no evidence of content sanitization or validation before the agent interacts with the retrieved information.
  • [SAFE]: The skill fetches documentation from the official Chrome developer blog, a well-known and trusted service.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 07:32 AM
Security Audit — agent-trust-hub — webmcp-dev-patterns