Agent Browser

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] No explicit malware or obfuscated backdoor is visible in this documentation fragment. However, the skill explicitly encourages connecting to real Chrome profiles and persisting sessions, which grants broad access to cookies, OAuth sessions, and other sensitive browser data. That capability is legitimate for automation but disproportionate for many tasks and can be abused if the binary or package is malicious or compromised. Treat the package as potentially dangerous in practice unless sourced from a trusted upstream, audited, and run with explicit user consent and least-privilege (use isolated profiles or temporary sessions rather than the user's default profile). LLM verification: Functionality and risks align with a legitimate browser automation CLI, but the documentation explicitly guides reusing real Chrome profiles via CDP and persisting sessions, which materially increases exposure of sensitive browser state (cookies, OAuth tokens, logged-in sessions). No direct evidence of hidden malware or obfuscation in the provided text, but these powerful features (eval, CDP, session reuse, file upload) make the tool attractive for credential harvesting or data exfiltration if t