web-access

SUSPICIOUS: The skill's browser automation purpose is plausible, but its footprint is broad. The main concerns are third-party routing through Jina for page retrieval, operation inside the user's real logged-in Chrome session, and concurrent sub-agent browsing with strong action capability. There is no clear evidence of credential theft or malicious payloads, but the data flows and scope are high enough to treat it as medium-high security risk.