webperf
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external data.
- Ingestion points: Content is read from browser logs using mcp__chrome-devtools__get_console_message in SKILL.md.
- Boundary markers: There are no instructions to ignore or delimit embedded instructions within the ingested logs.
- Capability inventory: The skill uses mcp__chrome-devtools__evaluate_script and mcp__chrome-devtools__navigate_page as described in SKILL.md.
- Sanitization: No evidence of data sanitization or validation is present.
- [COMMAND_EXECUTION]: The skill performs dynamic execution by running JavaScript snippets in the browser via the mcp__chrome-devtools__evaluate_script tool.
Audit Metadata