browser-automation

SUSPICIOUS. The core browser automation capabilities match the stated purpose, and the referenced dependency appears to be an official Microsoft Playwright MCP project rather than an unknown third-party payload. However, the skill gives an agent action-capable access to arbitrary websites, including form submission and script execution, which creates meaningful indirect prompt-injection and autonomy risk if used on untrusted pages or without explicit user approval for consequential actions.