install-chrome-devtools-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill enables the agent to navigate arbitrary web pages and read/execute page content (see tools like navigate_page, list_console_messages, get_network_request, evaluate_script and the explicit test "Navigate to google.com and list console messages" in SKILL.md), which clearly ingests untrusted third-party content that could influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill installs and runs remote code at runtime via the npx command "npx -y chrome-devtools-mcp@latest" (npm package: https://www.npmjs.com/package/chrome-devtools-mcp), which fetches and executes external code required for the skill to function.