opencli-browser

SUSPICIOUS: the skill’s capabilities mostly match its browser-automation purpose, and the main CLI comes from a same-publisher npm package, so this is not strongly indicative of malware. However, it grants an AI agent authenticated browser automation, exposure to sensitive logged-in page/API data, broad OpenCLI command execution, and code-generation/execution workflows, which makes the overall security risk medium-to-high and warrants caution.