camofox-browser

SUSPICIOUS. The skill is internally coherent as an anti-detection browser server, but its footprint is high risk: it enables bot-evasion browsing, downloads and executes external binaries, persists/imports authenticated session data, and can install arbitrary third-party plugins that inherit the agent's permissions. Same-org provenance reduces malware certainty, but the transitive plugin trust and secondary binary-fetch model make the overall security risk high.