Baoyu Danger Gemini Web

Pass. Audited by VirusTotal on May 15, 2026.

Findings (1)

The skill implements a reverse-engineered Gemini Web API client that extracts sensitive Google session cookies (__Secure-1PSID, __Secure-1PSIDTS) directly from the user's browser using the Chrome DevTools Protocol (CDP) in 'scripts/gemini-webapi/utils/load-browser-cookies.ts'. It attempts to reuse existing Chrome debugging sessions or launch new ones to programmatically retrieve cookies, which are then stored locally in 'cookies.json'. While the skill includes a consent flow in 'SKILL.md' and limits network communication to legitimate Google endpoints (e.g., gemini.google.com, googleapis.com), the use of CDP for cookie extraction is a high-risk technique typically associated with session hijacking and credential theft.