playwright-browser-run-code

SUSPICIOUS: the skill is purpose-aligned but highly powerful, enabling arbitrary browser automation code through an external MCP path. Install trust is not the main issue; the main risk is broad executable capability and exposure to untrusted web content, with no obvious credential harvesting in the skill text.