browser-automation
Warn
Audited by Socket on Apr 16, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
BENIGN for stated purpose, but high-impact. The skill is internally consistent and uses an official npm-distributed browser automation CLI, not an obvious credential-harvesting proxy. The main risk is operational: it grants an agent broad browser powers over arbitrary web content, including login/session handling, form submission, downloads, and page-script evaluation, with most safety controls disabled by default.
Confidence: 86%Severity: 72%
Audit Metadata