chrome-devtools
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Mentions npx execution of the official chrome-devtools-mcp package and links to official documentation at developer.chrome.com and github.com/ChromeDevTools.
- [COMMAND_EXECUTION]: Uses MCP tools for browser interactions and script evaluation, which are standard for debugging tasks.
- [PROMPT_INJECTION]: Interacts with external web pages via take_snapshot and evaluate_script, which presents a surface for indirect prompt injection. 1. Ingestion points: Web content via take_snapshot in SKILL.md. 2. Boundary markers: Not specified. 3. Capability inventory: evaluate_script, click, fill, and navigate_page in SKILL.md. 4. Sanitization: Not specified.
Audit Metadata