reflex-browser

SUSPICIOUS: the skill's stated purpose matches browser automation, but its core functionality depends on a globally installed CLI fetched from a private custom registry with no source or release verification in the skill. That makes install trust the dominant risk; the footprint is plausible, yet insufficiently transparent for a benign classification.