agent-browser

[Skill Scanner] Installation of third-party script detected All findings: [HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] This skill appears to be a legitimate browser automation CLI: its documented capabilities match its stated purpose. It includes several high-privilege features (arbitrary in-page eval, session state save/load, file:// access, proxy configuration, and CDP attachment) that are necessary for advanced automation but also enable credential exposure or data exfiltration if misused or combined with untrusted scripts/configs. I find no evidence of embedded malicious code or supply-chain download-execute patterns in the provided documentation, but the privilege surface warrants caution: users should avoid saving credentials in plaintext, restrict proxy and CDP endpoints to trusted hosts, protect the encryption key, and treat eval and templates from untrusted sources as potentially dangerous. LLM verification: The code/documentation is coherently aligned with its stated purpose (browser automation skill). However, it includes external-install instructions and shell-command patterns that could be misused if executed in an uncontrolled environment. No hardcoded secrets or direct data exfiltration are present, but the combination of download/install patterns and powerful automation capabilities warrants caution. Treat as SUSPICIOUS due to potential supply-chain and execution-risk patterns, with benign in