agent-browser

SUSPICIOUS. The skill’s capabilities broadly match browser automation, and the referenced CLI appears to be a legitimate same-org open-source project. Risk comes from its very broad action surface: wildcard CLI access, arbitrary web browsing, page-JS execution, file writes/uploads, credential handling, and optional third-party cloud browser routing. It is not clearly malicious, but it is a high-impact automation skill that should be treated as medium risk.