browse

Warn

Audited by Socket on Feb 25, 2026

1 alert found:

Security: MEDIUM
skills/browser-automation/SKILL.md

This skill is a documentation-only skill that instructs AI agents to perform browser automation via a remote Browserbase cloud session. It is not obviously malicious code, but its design forces routing of all browsing activity — including navigation, form fills, credentials, cookies, screenshots, and network captures — through a third-party service. That centralization creates significant credential-forwarding, privacy, and misuse risks: secrets entered into forms will be visible to the remote provider and persisted in recordings and capture files. The npm install step is a routine supply-chain risk. The advertised capabilities (stealth, residential proxies, CAPTCHA solving) increase abuse potential for scraping, account takeover, or evasion of protections. If a user or agent must interact with sensitive sites or credentials, this skill's enforced remote execution model is disproportionate compared with local-only alternatives and should be treated as medium-high risk unless the Browserbase service is fully trusted, audited, and configured with strict access/retention controls.

Confidence: 80%
Severity: 75%
Audit Metadata
Analyzed At: Feb 25, 2026, 06:10 PM
Package URL: pkg:socket/skills-sh/browserbase%2Fskills-old%2Fbrowse%2F@2d5a7cfdd42d19c738764efbe02c6fcd7241649a