doc-image-agent

SUSPICIOUS: The core screenshot and document-illustration behavior fits the stated purpose, and the Playwright MCP install path appears to be official. Risk comes from broad browser automation over arbitrary websites, authenticated access via env credentials, processing untrusted web content with write/exec capability, and forwarding an API key to OpenRouter through a bundled script. This is not clearly malicious, but it is a medium-risk automation skill with meaningful credential and prompt-injection exposure.