deep-research

SUSPICIOUS. The stated purpose fits browser automation for Gemini research, and the destination domain is official Google Gemini. However, the skill depends on an unverified browser proxy extension and an unseen local script, creating a significant trust gap. No direct credential theft or clearly malicious data exfiltration is visible, but the unverifiable execution chain makes the skill medium-high risk.