Skills
skills/staruhub/ratelnextweb/chrome-devtools-e2e/Gen Agent Trust Hub

chrome-devtools-e2e

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill configuration suggests using npx to download and run the chrome-devtools-mcp package from the npm registry. This is a standard deployment method for MCP servers.
  • [COMMAND_EXECUTION]: The skill utilizes the chrome-devtools-mcp tool to perform browser automation, including script evaluation and element interaction.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it ingests data from external websites.
  • Ingestion points: Content is brought into the agent's context via take_snapshot, list_console_messages, and list_network_requests.
  • Boundary markers: No specific delimiters or "ignore instructions" guards are defined to separate untrusted page content from the skill's operational logic.
  • Capability inventory: The skill grants the agent capabilities to evaluate_script (running arbitrary JavaScript), click elements, and fill form data, which could be abused if the agent follows instructions found within a page.
  • Sanitization: There is no evidence of filtering or sanitizing the data retrieved from the browser snapshot or console before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 12:36 PM