Bearblog
Pass
Audited by VirusTotal on May 13, 2026.
Findings (1)
The skill is designed for browser automation to manage blog posts on bearblog.dev, which inherently involves high-risk capabilities like browser interaction. While the primary `SKILL.md` emphasizes the safer `fill`/`type`/`click` actions, `examples/browser-api-reference.md` demonstrates the use of `evaluate` for actions such as reading page content, listing posts, and deleting posts (by overriding `window.confirm`). These `evaluate` calls are plausibly needed for the stated purpose of managing a blog, but they represent a powerful capability that allows arbitrary JavaScript execution within the browser context. That capability elevates the risk beyond benign, even without clear evidence of intentional malicious activity like data exfiltration or persistence in the provided content.
