chrome-auth-recorder

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data from external browser sessions.
    • Ingestion points: The skill ingests data from browser console logs via read_console_messages and network traffic via read_network_requests (documented in SKILL.md and references/mcp-tools-reference.md).
    • Boundary markers: There are no explicit delimiters or 'ignore embedded instructions' warnings applied to the data retrieved from console or network monitoring tools.
    • Capability inventory: The skill possesses the capability to execute browser interactions through the computer tool (actions: left_click, type, screenshot) and export data via the gif_creator tool.
    • Sanitization: While the skill uses regex patterns to filter for errors, it does not perform sanitization or escaping of the content within those logs before they are presented to the agent context.
  • [COMMAND_EXECUTION]: The skill uses the computer tool to perform automated browser interactions including clicks and text input. While this is the primary purpose of the recorder and requires a pre-approved plan via update_plan, it allows the agent to execute actions within authenticated user sessions.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 05:23 PM