Skip to content

chore(deps): update dependency chrome-devtools-mcp to v0.12.0 #241

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
renovate wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update dependency chrome-devtools-mcp to v0.12.0 #241

renovate wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Dec 10, 2025

This PR contains the following updates:

Package Change Age Confidence
chrome-devtools-mcp 0.11.0 -> 0.12.0 age confidence

Release Notes

ChromeDevTools/chrome-devtools-mcp (chrome-devtools-mcp)

v0.12.0

Compare Source

🎉 Features
🛠️ Fixes
📄 Documentation

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-actions
Copy link

github-actions bot commented Dec 10, 2025
edited
Loading

🔒 MCP Security Scan Results

❌ chrome-devtools-mcp

  • Status: Failed
  • Tools scanned: 26
  • Vulnerabilities found: 1

Security issues detected:

  • [W004] The MCP server is not in our registry.

Allowed issues (not blocking):

  • [TF001] Data leak toxic flow detected. The same agent has access to at least one tool that produces untrusted content, one tool that can access private data, and one tool that can behave as a public sink. For more information, see https://explorer.invariantlabs.ai/docs/mcp-scan/issue-code-reference/#TF001 (Allowed: Data leak risk acceptable - tool designed for browser automation and debugging workflows where external content interaction is essential. Chrome DevTools MCP server reads page content, console messages, and network requests which may contain sensitive information. Users should be aware of potential data exposure when automating browser interactions.)
  • [TF002] Destructive toxic flow detected. The same agent has access to at least one tool that produces untrusted content and one tool that can behave destructively. For more information, see https://explorer.invariantlabs.ai/docs/mcp-scan/issue-code-reference/#TF002 (Allowed: Destructive flow risk acceptable - browser automation and debugging tools are core functionality. Chrome DevTools MCP includes tools for page navigation, script evaluation, and DOM manipulation. Users should only use with trusted prompts and be aware of the impact of browser automation actions.)

Summary: Scanned 1 MCP server(s), found 1 security issue(s).

⚠️ Action Required: Security issues were detected. Please review and address them before merging.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant