cdp-bridge-mcp-browser-control

SUSPICIOUS. The skill's capabilities mostly match its stated purpose, and the installer path is reasonably consistent with an official PyPI/GitHub project, so this is not confirmed malware. However, the skill gives an AI agent high-impact access to a live logged-in browser session, including cookies, page content, screenshots, navigation, and arbitrary JavaScript execution, which is disproportionately sensitive and enables consequential actions under the user's identity.