text2agent

SUSPICIOUS. The skill’s core purpose is plausible, but its footprint is broad: it reads external skill content, writes executable agent code, dynamically registers agents, and auto-installs dependencies through unpinned runtime package execution. The official Playwright MCP reference lowers the chance of outright malware, but the combination of autonomous system changes, prompt reuse from untrusted SKILL files, and dynamic installs makes this a high security-risk meta-skill.