chrome-devtools
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's files consist of instructions and references for browser-based debugging tasks. No suspicious code or hidden behaviors were identified across the English and Chinese versions.
- [PROMPT_INJECTION]: Analysis of the skill's attack surface identifies a potential for indirect prompt injection common to all browser-interaction tools.
- Ingestion points: Untrusted data is ingested from external web pages via
take_snapshot,list_console_messages, andlist_network_requests(referenced inreferences/chrome-devtools.md). - Boundary markers: No specific boundary markers or instructions to ignore instructions within ingested data are defined in the SKILL.md files.
- Capability inventory: The skill allows for significant browser-side interaction, including executing JavaScript via
evaluate_script, filling forms withfill_form, and UI interaction withclickandtype_text. - Sanitization: The instructions do not specify any sanitization or validation of content retrieved from web pages before it is processed by the agent.
Audit Metadata