agent-browser

Purpose and capabilities are broadly aligned: this is a legitimate browser automation skill, not clear malware. The main concern is operational risk: it gives an AI agent broad, mostly unrestricted access to arbitrary web content and authenticated browser actions, creating high prompt-injection and autonomy risk even without deceptive data flows.