web-to-prd

SUSPICIOUS. The skill’s capabilities mostly fit its stated purpose, and its main external dependency uses an official same-org Playwright MCP install path. However, it grants broad browser and file-writing powers, processes untrusted web content with action-capable tools, stores session cookies in a persistent profile, and includes outdated Notion MCP guidance. This looks like a high-exposure automation skill rather than malware, but its scope and prompt-injection surface make it medium risk.