web-browser-review

SUSPICIOUS: the core purpose is coherent for visual QA, but the footprint is broader than a simple review skill because it executes project scripts, edits code autonomously, and depends on a separate browser skill/toolchain outside the publisher's direct trust boundary. Main concerns are transitive trust in /browse, execution of local dev scripts, and prompt-injection risk from untrusted web content combined with Bash/write access; this is not confirmed malware.