Skills
skills/chromedevtools/chrome-devtools-mcp/chrome-devtools-cli/Gen Agent Trust Hub

chrome-devtools-cli

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of the chrome-devtools command-line utility for browser automation and management tasks.
  • [EXTERNAL_DOWNLOADS]: Documentation recommends the global installation of the chrome-devtools-mcp package from the npm registry to enable the skill's functionality.
  • [REMOTE_CODE_EXECUTION]: The evaluate_script command allows the agent to execute arbitrary JavaScript code within the active browser page session.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its ability to process data from external, potentially untrusted web pages. Ingestion points: Untrusted data enters the agent context through take_snapshot (page content), list_console_messages (browser logs), and get_network_request (network traffic). Boundary markers: No explicit markers or instructions are defined to separate ingested web content from the agent's primary instructions. Capability inventory: The skill provides high-privilege tools including evaluate_script, upload_file, and browser navigation commands. Sanitization: There is no evidence of content sanitization or validation for the data retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 06:53 AM