chrome-extension
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a purely informational resource and reference for developers building Chrome extensions.
- [SAFE]: Documentation explicitly advises against high-risk behaviors such as using
eval(), loading remote scripts, or obfuscating code, which are common attack vectors. - [SAFE]: Code snippets provided for messaging, storage, and network requests utilize standard patterns (e.g., relaying fetches through service workers to handle CSP) and emphasize validation and security (e.g., checking allowed origins).
- [SAFE]: Tool requirements (git, node, npm) and package references (typescript, puppeteer, esbuild) are standard and appropriate for the stated development purpose.
- [SAFE]: No evidence of prompt injection, data exfiltration, or malicious persistence mechanisms was found in the instructions or reference materials.
Audit Metadata