Skills
skills/gsmlg-dev/code-agent/chrome-devtools-mcp/Gen Agent Trust Hub

chrome-devtools-mcp

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes execute_script to perform DOM queries, detect layout issues, and simulate user interactions (hover, focus). This is the standard mechanism for browser-based automation.- [EXTERNAL_DOWNLOADS]: The documentation references npx chrome-devtools-mcp@latest as the method for initializing the server. This fetches the package from the official NPM registry, a well-known service.- [SAFE]: External links point to official documentation at developer.chrome.com and the official GitHub repository github.com/ChromeDevTools/chrome-devtools-mcp for troubleshooting.- [PROMPT_INJECTION]: The skill interacts with external web pages, creating a surface for indirect prompt injection.
  • Ingestion points: External web content is ingested via take_snapshot and execute_script (SKILL.md).
  • Boundary markers: The instructions do not define specific delimiters or guardrails for processing the untrusted content returned by the browser.
  • Capability inventory: The agent has capabilities to execute JavaScript (execute_script), navigate to any URL (navigate_page), and write to the local filesystem (take_screenshot with path) (SKILL.md).
  • Sanitization: There is no mention of sanitizing or escaping the data retrieved from web pages before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 06:32 AM