devtools
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions and scripts to download the Google Chrome browser and its official GPG signing keys from verified Google domains (dl.google.com).
- [REMOTE_CODE_EXECUTION]: The skill utilizes npx to dynamically fetch and execute the 'chrome-devtools-mcp' package from the npm registry, which is the legitimate tool for the skill's stated purpose.
- [COMMAND_EXECUTION]: Employs shell scripts to perform system-level tasks such as environment detection (scripts/detect_environment.sh), port monitoring (using lsof, ss, and netstat), and process management (using pkill and taskkill).
Audit Metadata