browser-automation

SUSPICIOUS. The core capabilities broadly match the stated browser-automation purpose, but the anti-detection emphasis and code generation from untrusted web content raise misuse and prompt-injection risk. Install trust is only moderate because publisher provenance appears to be a personal GitHub repo with unpinned registry/ZIP distribution paths, though the provided skill itself shows no credential harvesting, covert behavior, or third-party credential routing.