agent-browser

The provided SKILL.md documents a legitimate browser automation CLI with powerful primitives expected in such tools. There is no evidence of embedded malicious code in this documentation. However, multiple documented features substantially increase the risk surface: loading arbitrary browser extensions, saving/restoring full session state to disk, passing credentials in proxy URLs, routing through third-party provider services, and executing arbitrary JavaScript. These are not intrinsically malicious but can be abused or misconfigured to exfiltrate credentials or page data. I recommend reviewing the actual implementation, any referenced templates and extensions, and operational defaults (encryption of state files, validation of extensions, secure default providers) before using this tool in sensitive environments.