browser-act-skill-forge

Warn

Audited by Socket on May 19, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The official same-org dependency lowers classic supply-chain concern, but the skill's footprint is still high risk: it reverse-engineers arbitrary sites, processes untrusted web content, generates executable skills/scripts, auto-installs them, and can perform batch actions with minimal user checkpoints. This is internally coherent with its stated purpose, but that purpose itself grants broad and easily abusable capabilities beyond a normal website helper.

Confidence: 89%Severity: 78%
Audit Metadata
Analyzed At
May 19, 2026, 03:51 AM
Package URL
pkg:socket/skills-sh/browser-act%2Fskills%2Fbrowser-act-skill-forge%2F@f21dd99e6ff7745a3103127ea872107aaf0f35a3
Security Audit — socket — browser-act-skill-forge