agent-browser

The agent-browser skill presents a coherent, purpose-aligned browser automation capability suitable for legitimate developer workflows. The footprint (CLI-based browser control, session/state persistence, multiple sessions, data extraction) generally stays within the expected scope of a browser automation utility. The primary security considerations center on at-rest credential handling, data logging/outputs, and clear user consent for data captured from websites. No explicit unauthorized data exfiltration channels or untrusted third-party binaries are apparent. Providers should enforce at-rest encryption for sensitive state, minimize or securely log extracted data, and provide explicit privacy controls and prompts for credential handling. Overall, the skill is BENIGN with MEDIUM concern due to data persistence and potential privacy implications.