agent-browser

BENIGN for stated purpose, but intrinsically high-risk as an AI skill: it is a legitimate browser automation tool with coherent capabilities and mostly credible install sources, yet it grants powerful web-action, auth-state, and untrusted-content handling abilities. The main concerns are prompt-injection exposure from arbitrary websites, authenticated action execution, and sensitive session/state persistence rather than clear malicious intent.