automating-browser

SUSPICIOUS: the skill is purpose-aligned as a browser automation/debugging guide, but it grants a very broad action surface with script execution, form interaction, downloads, and network/log capture. No clear credential-harvesting or attacker endpoint is shown, so this is not confirmed malware, but it is a medium-high risk browser control skill that should require explicit per-action user approval.