browser-use

SUSPICIOUS: the core browser-automation purpose is coherent and the extension provenance appears legitimate, but the skill inserts an undocumented local relay/wrapper with a non-standard token variable while reusing the user's authenticated browser session. The capability set is high-impact and data/token flow is not fully verifiable from the supplied skill.