browserwing

SUSPICIOUS. The stated purpose and capabilities align: this is a browser-automation skill using HTTP endpoints for normal automation tasks. The main risk is data-flow and scope: the configurable BROWSERWING_EXECUTOR_URL can redirect all browsing actions, extracted page data, screenshots, and any typed credentials to an arbitrary executor, not necessarily a trusted local service. No install chain, obfuscation, or explicit credential-file harvesting is shown, so this is not confirmed malware, but it is a medium-risk skill because it can perform real-world browser actions and may forward sensitive inputs to a remote automation service if misconfigured.