setup-browser-cookies

SUSPICIOUS. The core cookie-import behavior is purpose-aligned, but the skill is wrapped in a broad gstack framework that adds telemetry, optional remote sync, project file edits, and git commits unrelated to importing cookies. The result is an over-scoped skill with medium security risk, though not clear malware.