chrome-replay
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to parse and interpret instructions from external Chrome DevTools Recorder files (JSON and JS), creating a surface for indirect prompt injection.
  - Ingestion points: Processes recording files provided by users or external sources as described in `SKILL.md`.
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed recording data.
  - Capability inventory: The skill utilizes the Chrome DevTools MCP to perform actions such as `navigate_page`, `click`, `type_text`, `press_key`, and `evaluate_script` based on the recording content.
  - Sanitization: The instructions do not specify any sanitization or validation of the recording steps before execution.
- [EXTERNAL_DOWNLOADS]: The `context.md` file contains instructions for the user to download and run the `chrome-devtools-mcp` package using `npx` during setup.
- [COMMAND_EXECUTION]: The skill documentation provides technical guidance involving command-line utilities:
  - `context.md` includes a troubleshooting command to terminate browser processes using `pkill`.
  - `SKILL.md` suggests using `jq` and `python` to inspect and process recording files locally.
Audit Metadata