chrome-devtools
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the chrome-devtools-mcp package and official documentation hosted by Google's ChromeDevTools organization and developer domains.- [COMMAND_EXECUTION]: Instructions involve using npx to run the browser automation tool and mentions tools like evaluate_script for interaction with the web environment.- [DATA_EXFILTRATION]: Evaluated for indirect prompt injection vulnerability surface. 1. Ingestion points: Processes external web content via navigate_page and take_snapshot. 2. Boundary markers: Not explicitly defined in the instructions. 3. Capability inventory: Browser interaction tools including click, fill, and evaluate_script. 4. Sanitization: Not specified in the markdown instructions. These factors are typical for browser automation tools and do not represent a malicious finding.
Audit Metadata