This QA testing skill allows arbitrary JavaScript execution and extensive data collection, posing a significant risk for data ex
Claims to do
Chrome Testing Knowledge: These are the tools available when Claude Code is connected to Chrome (`claude --chrome`):
Actually does
This skill describes a set of browser-based testing tools: `read_network_requests` to capture HTTP traffic, `read_console_messages` for console output, `javascript_tool` to execute arbitrary JS for page inspection, `computer: screenshot` and `gif_creator` for visual capture, and `read_page` for DOM/accessibility tree analysis. It provides guidance on using these tools for common bug patterns, console message triage, network health, and useful JavaScript snippets.
The `javascript_tool` allows the execution of arbitrary JavaScript code within the browser context, enabling powerful actions like data exfiltration, DOM manipulation, and session hijacking.
javascript_tool | Execute arbitrary JS to inspect page state | tabId, text (JS code)
The combination of `read_network_requests`, `read_page`, and `javascript_tool` provides extensive capabilities to collect sensitive network traffic, DOM content, and browser state, which could be exfiltrated.
`read_network_requests`, `read_page`, `javascript_tool`
The skill explicitly provides a JavaScript snippet that modifies native browser functions (`window.setInterval`), demonstrating the ability to hook and alter browser runtime behavior, which could be abused for monitoring or persistence.
window.__intervals = window.__intervals || 0; const origSetInterval = window.setInterval; window.setInterval = (...args) => { window.__intervals++; return origSetInterval(...args); }; window.__intervals
The skill grants access to comprehensive browser telemetry including network requests, console messages, and performance metrics, which can be used for extensive reconnaissance of user activity and application state.
`read_network_requests`, `read_console_messages`, `performance.getEntriesByType` snippets
The skill provides highly powerful and potentially dangerous browser interaction tools under the guise of 'QA testing,' which could be exploited by a malicious prompt to bypass human oversight for unintended actions.
description: Knowledge base for QA testing..., combined with `javascript_tool` capabilities
https://mondoo.com/ai-agent-security/skills/github/victor-qin/chrome-test-runner-plugin/chrome-testing
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.