web-performance-optimization
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Suggests that the user install the 'chrome-devtools-mcp' package from the npm registry using 'npx'. This is a standard procedure for configuring the required MCP server environment for this skill.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content from external websites.\n
- Ingestion points: Page navigation ('navigate_page'), network request listing ('list_network_requests'), and network data retrieval ('get_network_request') in SKILL.md.\n
- Boundary markers: Absent; there are no instructions to the agent to treat external page content as untrusted or to use specific delimiters.\n
- Capability inventory: The skill has capabilities to navigate to arbitrary URLs, inspect network traffic, and capture DOM snapshots.\n
- Sanitization: No sanitization or filtering of external content is mentioned in the workflow.
Audit Metadata