Skills
skills/serkan-ozal/browser-devtools-claude/web-debugging/Gen Agent Trust Hub

web-debugging

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its core function of analyzing external, untrusted content.
  • Ingestion points: The agent ingests untrusted data from web pages via o11y_get-console-messages, o11y_get-http-requests, and a11y_take-aria-snapshot.
  • Boundary markers: There are no instructions defining delimiters or boundary markers to help the agent distinguish between its own instructions and potentially malicious commands embedded in external data.
  • Capability inventory: The skill provides capabilities for arbitrary JavaScript execution via page.evaluate(), access to browser storage (cookies and local storage), and full visibility into network headers and responses.
  • Sanitization: The instructions do not specify any validation or sanitization procedures for the data retrieved from external sources before it is interpreted by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 02:47 AM