chrome-devtools-mcp-skill
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the chrome-devtools-mcp package directly from the npm registry via npx. This is documented as the primary method for initializing the DevTools MCP server.
- [COMMAND_EXECUTION]: Utilizes the uxc utility to create command aliases (e.g., chrome-devtools-mcp-cli) and execute local operations for browser control and validation.
- [REMOTE_CODE_EXECUTION]: Provides an evaluate_script operation that executes arbitrary JavaScript in the browser context. While powerful, this is a core requirement for browser automation and is restricted to the web page environment.
- [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection through external data processing.
  - Ingestion points: Page snapshots (take_snapshot) and console logs (list_console_messages).
  - Boundary markers: None identified in instructions.
  - Capability inventory: Element clicking, form filling, and script evaluation.
  - Sanitization: No explicit filtering of ingested web content is present.
Audit Metadata