Skills
skills/serkan-ozal/browser-devtools-skills/api-testing/Gen Agent Trust Hub

api-testing

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to run browser-devtools-cli and node-devtools-cli. These commands are used to manage network stubs, monitor HTTP traffic, and attach debuggers to running backend processes.
  • [SAFE]: No malicious patterns such as obfuscation, hardcoded credentials, or unauthorized data exfiltration were found. The skill's capabilities, including the ability to modify request headers and bodies, are appropriate for an API testing environment.
  • [SAFE]: Evaluation of indirect prompt injection surface identifies potential ingestion points but no immediate risk.
  • Ingestion points: Network traffic data retrieved via get-http-requests and page text via content get-as-text in SKILL.md.
  • Boundary markers: Not explicitly defined in the provided commands, though standard for testing tools.
  • Capability inventory: Includes the ability to intercept/modify network requests and debug Node.js processes via node-devtools-cli.
  • Sanitization: The skill is designed to display and interact with raw technical data for testing purposes; explicit sanitization of the monitored traffic is not mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 11:13 AM