dev-browser

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Installation of third-party script detected

All findings:

[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]

[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]

This Dev Browser skill's stated capabilities, installation instructions, and data flows are coherent and consistent with its purpose (browser automation with optional control of an existing browser). I found no obfuscated code, hardcoded credentials, hidden network exfiltration endpoints, or explicit malicious constructs in the provided description. The main security concern is the expected high privilege of Extension Mode: controlling the user's real browser with persisted state allows access to authenticated sessions and sensitive data, so operators must trust the relay server, the GitHub extension binary, and any scripts run through the skill. Practically: the skill appears functionally benign but requires careful operational precautions (audit the relay and extension repo, limit persisted state, and avoid running untrusted scripts) because misuse could lead to credential exposure.

LLM verification: The package is a legitimate browser automation skill whose capabilities are consistent with the stated purpose. I found no direct evidence of obfuscated or intentionally malicious code, hardcoded secrets, or connections to suspicious domains in the provided text. However, the combination of Extension Mode (access to live authenticated browser sessions), arbitrary JS execution in page contexts (page.evaluate), network request interception/replay, and instructions to run local servers/npm install

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 16, 2026, 12:36 PM
Package URL: pkg:socket/skills-sh/ynulihao%2Fagentskillos%2Fdev-browser%2F@0c4c5777cb6336de39cd413aee7d313e9fa36d5b