steel-browser

SUSPICIOUS. The skill’s capabilities largely match its stated purpose as a cloud browser integration, and the publisher/source relationship appears coherent. The main concerns are the pipe-to-shell installer, third-party cloud handling of browsing/session data and credentials, explicit stealth/CAPTCHA-bypass features, and autonomous real-world web actions. This looks more like a high-risk browser automation skill than confirmed malware.