agent-browser
Audited by Socket on Feb 18, 2026
1 alert found:
Malware [Skill Scanner] Installation of third-party script detected

This SKILL.md documents a legitimate browser automation skill whose capabilities are consistent with its stated purpose. There are no signs of obfuscated or intentionally malicious code in the documentation. Primary security concerns are operational: saving authentication state to disk (auth.json) without guidance on encryption, allowing file:// access to local files, and the ability to route traffic through proxies (which could be misused to intercept credentials if an untrusted proxy is configured). Recommend: treat saved state files as sensitive, avoid untrusted proxies, restrict file:// usage, and install Appium/Xcode only from official sources. Overall the skill is not malicious but has moderate operational risk if misused.

LLM verification: This skill's documented behavior is consistent with legitimate browser automation tooling. I found no direct indications of malware or hidden exfiltration in the provided documentation. However, there are practical security concerns: saving session state (auth.json) and using environment variables for credentials can lead to persistent credential exposure; allowing file:// access can leak local files into snapshots; and instructing global npm installs (Appium) increases attack surface on the hos