chrome-extension-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill provides an architectural surface for reading web content and modifying the DOM, which is inherent to its purpose as a browser extension template. It includes safety measures against exploitation.
- Ingestion points:
assets/templates/content-script/main.ts— TheextractPageDatafunction captures URL, title, visible text, and metadata from the active tab. - Boundary markers: Absent; as a general template, it does not include LLM-specific delimiters or warnings.
- Capability inventory:
assets/templates/content-script/main.ts— TheinsertTextfunction can modify page content;background.tsenables cross-context messaging between the side panel and web pages. - Sanitization:
assets/templates/content-script/main.ts— TheinsertTextfunction usesdocument.createTextNode(), which treats input as literal text, effectively preventing Cross-Site Scripting (XSS) attacks by not parsing HTML. - Data Exposure & Exfiltration (SAFE): No hardcoded credentials, API keys, or suspicious network calls were found. The storage implementation in
background.tsuses the standardwxt/storageAPI for managing extension state locally. - Dependency Analysis (SAFE): The
package.jsonfile references standard, well-maintained packages (React, WXT, Vitest). No unverifiable or risky third-party scripts are loaded or executed at runtime. - Privilege Escalation & Persistence (SAFE): The extension requests standard Manifest V3 permissions (
storage,activeTab,scripting,sidePanel) consistent with its UI and script injection features. No attempts to modify system-level startup files or escalate browser-level permissions were detected.
Audit Metadata