chrome-extension
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
Full Analysis
- Category 1: Prompt Injection (SAFE): No instructions were found that attempt to override system prompts, bypass safety filters, or disclose internal instructions.
- Category 2: Data Exposure & Exfiltration (SAFE): The skill focuses on browser extension development and does not reference sensitive local files (~/.ssh, .env) or unauthorized data exfiltration patterns. It correctly identifies broad host permissions as sensitive.
- Category 3: Obfuscation (SAFE): No encoded strings (Base64), zero-width characters, or homoglyphs were detected.
- Category 4: Unverifiable Dependencies & RCE (SAFE): The skill does not perform external package installations or execute remote code. External links point to official Google developer documentation.
- Category 5: Privilege Escalation (SAFE): No commands related to system-level privilege escalation (sudo, chmod) are present.
- Category 6: Persistence Mechanisms (SAFE): No host-level persistence mechanisms are established. Browser service workers are mentioned only in the context of standard extension architecture.
- Category 8: Indirect Prompt Injection (SAFE): The skill is instructional and does not define ingestion points for untrusted external data that would influence agent reasoning.
- Category 10: Dynamic Execution (SAFE): While it discusses
chrome.scripting.executeScript, this is provided as technical guidance for browser extension functionality, not for executing arbitrary code on the user's host machine.
Audit Metadata