observability
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it ingests data from external sources.
  - Ingestion points: Consumes browser console logs, network request details, and backend application logs via browser-devtools-cli and node-devtools-cli in SKILL.md.
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions when handling this external data.
  - Capability inventory: The skill can navigate the browser, interact with UI elements, and modify backend execution via tracepoints.
  - Sanitization: There is no explicit logic described for sanitizing or filtering logs or request data before they enter the agent's context.
- [DATA_EXFILTRATION]: The skill configures telemetry exporters to send data to external platforms like Honeycomb and Jaeger. It uses standard placeholders for API keys (e.g., YOUR_API_KEY), avoiding the exposure of actual credentials.
- [COMMAND_EXECUTION]: Uses browser-devtools-cli and node-devtools-cli to perform monitoring and debugging actions. These tools are necessary for the skill's stated purpose and are used according to best practices.
Audit Metadata