chrome-devtools

No direct evidence of intentional malware is present in this module (no exfiltration, shelling, or overt malicious payloads). However, it has significant security sensitivity: it stores authentication/session state in plaintext JSON and re-applies it into a live browser via cookies, localStorage/sessionStorage, and injected headers, while also enabling browser attachment via persisted wsEndpoint and launching Chrome with sandbox disabled. If attackers can tamper with the stored JSON files or influence the connection/profile inputs, they could hijack or force authenticated browser behavior. This should be treated as a security-hardening concern with medium-to-high risk in deployments handling secrets.