cc_chrome_devtools_mcp_skill

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes examples that pass authentication headers and tokens directly as CLI arguments (e.g., --wsHeaders='{"Authorization":"Bearer token"}' and wsEndpoint with an id), which encourages embedding secrets verbatim in commands/args and therefore creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly navigates to and loads arbitrary URLs (navigate_page / new_page) and captures page content and network responses (list_network_requests, get_network_request, take_snapshot), meaning it ingests untrusted public web content that could carry indirect prompt injection.