baoyu-danger-gemini-web

The skill centerpieces a legitimate Gemini Web API client with image/text generation and vision capabilities, but its footprint includes high-risk patterns: reverse-engineered API usage, browser-based authentication flow, consent gating, and handling of credentials via environment variables and cookies. Data flows to external services and depends on third-party tooling (bun, Chrome) whose authenticity and integrity are not verifiable within the skill. Overall, the skill is suspicious rather than benign due to its reliance on reverse-engineered APIs, potential credential exposure, and multiple external data flows. If used, it should be limited to trusted environments with strict access controls, verifiable provenance, and explicit user consent management. Security posture should be improved by specifying verifiable API endpoints, secure credential storage, minimized data leakage (no sensitive prompts in logs), and removing any unverified binaries or external dependencies beyond official registries.

The code is not overtly malware (no suspicious remote exfiltration, no obfuscation, no hard-coded credentials). However, it intentionally extracts Google authentication/session cookies via a locally started browser's DevTools Protocol and persists them to disk. That capability is high-privilege and privacy-sensitive: if misused or run in an untrusted environment it can enable account takeover or session theft. Treat this module as sensitive: review how and where cookies are persisted (file permissions and consumers), ensure it runs only in trusted contexts, and consider requiring explicit user consent/secure storage for extracted cookies.