agent-browser

Functionally the tool aligns with its stated purpose of browser automation/testing. It presents several high-value sensitive artifacts and powerful sinks (state files, proxy credentials, extension/executable loading, network interception, screenshots/recordings) that create realistic avenues for credential theft and data exfiltration if used without strict controls. I found no explicit embedded malware or obfuscation in the documented CLI, but the combination of features constitutes a moderate-to-high security risk in untrusted environments. Mitigations: restrict use to trusted operators, encrypt and protect saved state files, avoid inline proxy credentials, disallow untrusted extensions/executables, and audit any persisted network logs or outputs.