autobrowse

SUSPICIOUS: the core behavior fits the stated purpose of self-improving browser automation, and the cited install sources are same-org and reasonably legitimate. The main risk is not deceptive provenance but the high-power loop: it ingests untrusted website content, has Bash/Write/Agent access, can spawn sub-agents, and can install new skills into ~/.claude/skills. That combination makes it a high-capability automation skill with meaningful prompt-injection and transitive-trust risk, though not confirmed malware.