browser-act-skill-forge
Warn
Audited by Socket on May 19, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS. The official same-org dependency lowers classic supply-chain concern, but the skill's footprint is still high risk: it reverse-engineers arbitrary sites, processes untrusted web content, generates executable skills/scripts, auto-installs them, and can perform batch actions with minimal user checkpoints. This is internally coherent with its stated purpose, but that purpose itself grants broad and easily abusable capabilities beyond a normal website helper.
Confidence: 89%Severity: 78%
Audit Metadata