browser-cash

SUSPICIOUS: the skill is internally coherent for a Browser.cash integration and uses first-party API endpoints, so it is not confirmed malware. However, it grants broad shell-driven automation for anti-bot bypass, installs unpinned packages at runtime, and combines arbitrary web content access with code execution, making it a medium-high risk skill.