bb-browser

SUSPICIOUS. The skill's capabilities align with browser automation, but its core dependency is an unverifiable external CLI with no disclosed provenance, while it is positioned to access authenticated private/internal data through the user's browser session. The main concern is install/execution trust and disproportionate access if the binary is not from a verifiable same-org official source.