troubleshooting
Warn
Audited by Snyk on Mar 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to read the public GitHub troubleshooting page (https://github.com/ChromeDevTools/chrome-devtools-mcp/blob/main/docs/troubleshooting.md) and to check/search GitHub issues/discussions, which are open, user-generated third-party content that the agent must interpret to map errors and decide configuration or actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs the agent at runtime to read the remote troubleshooting document (https://github.com/ChromeDevTools/chrome-devtools-mcp/blob/main/docs/troubleshooting.md), so fetching that external content would directly inform and control the agent's troubleshooting instructions and is treated as a required runtime dependency.
Audit Metadata