browser-automation

Warn

Audited by Socket on Apr 16, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

BENIGN for stated purpose, but high-impact. The skill is internally consistent and uses an official npm-distributed browser automation CLI, not an obvious credential-harvesting proxy. The main risk is operational: it grants an agent broad browser powers over arbitrary web content, including login/session handling, form submission, downloads, and page-script evaluation, with most safety controls disabled by default.

Confidence: 86%Severity: 72%
Audit Metadata
Analyzed At
Apr 16, 2026, 05:44 PM
Package URL
pkg:socket/skills-sh/rebyteai%2Frebyte-skills%2Fbrowser-automation%2F@c06ffc7431eb7360946cbc1c826e80139d59a3e0
Security Audit — socket — browser-automation