web-perf
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill provides instructions to configure a local MCP server using the
chrome-devtools-mcppackage vianpx. This is the standard installation method for these tools and uses the public npm registry. - [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it retrieves and processes content from external websites.
- Ingestion points: Untrusted data enters the agent context via
navigate_pageandtake_snapshotcalls to external URLs. - Boundary markers: The skill lacks explicit delimiters or instructions to the agent to disregard instructions embedded within the analyzed website content.
- Capability inventory: The skill uses tools for performance tracing and metadata extraction (network logs, accessibility tree). It does not appear to have file-system write access or the ability to make arbitrary network POST requests for data exfiltration.
- Sanitization: There is no mention of sanitizing or validating the content retrieved from external pages before it is processed by the agent.
Audit Metadata