baoyu-danger-gemini-web

Fail

Audited by Socket on Mar 9, 2026

2 alerts found:

Anomaly: LOW
scripts/gemini-webapi/utils/load-browser-cookies.ts

This module is designed to automate obtaining authenticated Google (Gemini) cookies by launching or attaching to Chrome via the DevTools Protocol, polling for session readiness, and persisting cookies to disk. The code does not contain obvious obfuscated malware, remote command/backdoor behavior, or calls to attacker-controlled endpoints. However, it performs sensitive actions: retrieving and storing authentication cookies and controlling a browser process. That behavior is high-risk from a credential-exposure perspective and could be misused to harvest credentials if used without explicit user consent. Recommend treating this component as sensitive: audit its use, ensure the user knows cookies will be extracted and stored, restrict access to the cookie cache file, and verify provenance of the package before use.

Confidence: 85%
Severity: 65%

Malware: HIGH
SKILL.md

The skill's footprint is broadly coherent with its stated purpose of Gemini-based generation and vision-enabled outputs. It relies on a reverse-engineered API and browser-based OAuth, which introduces legitimate privacy and trust considerations. Data flows to Gemini services and local credential surfaces (cookies, consent files) are the main risk vectors. The overall risk is moderate: data flow to external services, credential/cookie exposure risk, and reliance on reverse-engineered endpoints without official guarantees. No unverifiable binaries or explicit credential forwarding to unknown third-party binaries are described, but credential exposure surfaces and external API dependency justify cautious use.

Confidence: 60%
Severity: 50%

Audit Metadata

Analyzed At: Mar 9, 2026, 11:42 PM
Package URL: pkg:socket/skills-sh/azure12355%2Fweilan-skills%2Fbaoyu-danger-gemini-web%2F@94c23da2240c66f32e041c3d6e284e48aba30f6a