functions
Warn
Audited by Socket on Mar 23, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS. The skill’s stated purpose, official Browserbase endpoints, and credential needs are broadly coherent, but the trusted path is undermined by an unpinned runtime install of @browserbasehq/sdk-functions plus evidence that this package was compromised. Because the skill forwards Browserbase API credentials into that package and enables remote browser automation, the overall risk is high even though the documented data flow otherwise looks legitimate.
Confidence: 90%
Severity: 88%
Audit Metadata