browser-login

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). This skill explicitly captures and vaults browser session cookies (sensitive authentication tokens) for reuse — a dual-use credential-harvesting capability that can enable account takeover or exfiltration, and it also invokes a dynamic npx install which presents a supply-chain execution risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill invokes npx to fetch-and-run an external package at runtime (npx -y @claude-flow/cli@latest), which downloads and executes remote code and is used here as a required dependency to store cookies.

Issues (2)

  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level: CRITICAL
Analyzed: Jun 13, 2026, 01:23 PM
Issues: 2