fill-content

Warn

Audited by Socket on Feb 28, 2026

1 alert found:

Anomaly (LOW)
package.json

The package is not obviously malicious from the package.json alone, but it has non-trivial security risks. The postinstall script runs Playwright's installer, which downloads and installs browser binaries (network-fetched, platform-specific artifacts). That behavior is a supply-chain risk because compromised download endpoints or a malicious Playwright release could introduce arbitrary code. Additionally, the presence of an external AI SDK (@anthropic-ai/sdk) increases the risk surface for telemetry or data exfiltration, depending on the package's runtime behavior. Recommended actions: audit the package source code, verify Playwright download endpoints and checksums if possible, and review any code that uses @anthropic-ai/sdk to ensure no secrets are sent during install.

Confidence: 90%
Severity: 60%

Audit Metadata

Analyzed At: Feb 28, 2026, 10:10 PM
Package URL: pkg:socket/skills-sh/shadowcz007%2Fskills%2Ffill-content%2F@90154390c868cdf92049839ec42c5befcd7537b6