reflex-browser

SUSPICIOUS. The browser-automation purpose broadly matches the capabilities, but the install trust story is weak: a private tokenized registry plus undocumented agent/runtime download commands create a notable supply-chain risk. No clear credential exfiltration or overtly malicious behavior is shown, but the unverifiable install path and arbitrary web interaction make this skill medium-high risk.