Skills
skills/ghou533/agent-skills/chrome-devtools/Gen Agent Trust Hub

chrome-devtools

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references the chrome-devtools-mcp package from the NPM registry to be run via npx. This is the core component used to establish the connection with the Chrome DevTools protocol.
  • [COMMAND_EXECUTION]: Includes an evaluate_script tool that allows for the execution of arbitrary JavaScript within the browser context. While powerful, this is a standard and necessary feature for the stated purpose of browser automation and debugging.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8) because it ingests data from external web pages.
  • Ingestion points: Data is ingested from web pages using take_snapshot and evaluate_script.
  • Boundary markers: No specific delimiters or instructions to ignore embedded content are described in the documentation.
  • Capability inventory: The agent can perform actions such as navigate_page, click, fill, and evaluate_script.
  • Sanitization: There is no mention of sanitizing or filtering the content retrieved from web pages before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 01:47 PM