tekin

The skill is classified as suspicious due to the broad range of powerful capabilities exposed through the `agent-browser` CLI, granted by `allowed-tools: Bash(agent-browser:*)` in `SKILL.md`. While these features are legitimate for browser automation, they present significant risk if abused. Key indicators include the ability to upload local files (`agent-browser upload`), execute arbitrary JavaScript within the browser context (`agent-browser eval`), access and manipulate browser cookies and local storage (`agent-browser cookies`, `agent-browser storage`), save browser session state to disk (`agent-browser state save`), and intercept/mock network requests (`agent-browser network route`). These capabilities, without explicit malicious instructions, make the skill highly susceptible to prompt injection or misuse by a compromised agent.