Chrome DevTools MCP Manager

Security checks across malware telemetry and agentic risk

Overview

This is a transparent setup guide for Chrome DevTools MCP browser automation, with manageable cautions around powerful browser control and one forceful troubleshooting command.

Install or use this only if you want MCP-based browser automation. Prefer pinning chrome-devtools-mcp to a trusted version instead of using @latest, avoid using it on sensitive logged-in pages unless needed, and verify the process name/path owning port 18800 before running any force-kill troubleshooting command.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: The skill documents a command that force-kills whatever process currently owns port 18800, without verifying that the process is actually the intended Chrome instance. This can terminate unrelated local software, cause data loss, or disrupt other services if the port is occupied by a different application.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The documented Stop-Process -Force command is destructive and presented as routine troubleshooting with no explicit caution that it may abruptly terminate the wrong process. In an agent skill context, this increases the chance that an automated or inattentive user follows the instruction and kills an unrelated process without saving state or confirming ownership.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal