agent-browser

SUSPICIOUS: The skill’s capabilities largely match its stated browser-automation purpose and the external CLI appears to come from official same-org sources, so install trust is relatively good. The main risk is functional scope: it gives an AI agent powerful interactive access to arbitrary websites, including auth state, storage, uploads, request interception, and JS execution, which creates meaningful prompt-injection and autonomous-action risk even though it is not obviously malicious.