Skills
skills/bjesuiter/skills/jb-chrome-mcp/Gen Agent Trust Hub

jb-chrome-mcp

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes a local shell script ./scripts/ensure-jb-chrome-mcp.sh to verify the remote debugging environment and configure the mcporter server.
  • [EXTERNAL_DOWNLOADS]: Fetches and runs the chrome-devtools-mcp package from the official registry using npx during the setup process.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from web pages through snapshots, console logs, and network requests, creating an attack surface for indirect prompt injection.
  • Ingestion points: Untrusted data enters the agent context via take_snapshot, list_console_messages, and list_network_requests in SKILL.md.
  • Boundary markers: Absent; no delimiters or explicit instructions to ignore embedded content are specified in the interaction prompts.
  • Capability inventory: Includes arbitrary JavaScript execution (evaluate_script), file-writing (take_screenshot), and network navigation via the mcporter tool interface.
  • Sanitization: Absent; the skill does not define validation or filtering of the content retrieved from external browser tabs.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 01:27 PM