cookie-security-analyzer

SUSPICIOUS: the stated purpose is a benign cookie-security guidance skill, but its actual footprint is underspecified and broader than necessary. The main concern is unrestricted npm-capable shell access without any concrete package, source, or install path to verify; there is no direct evidence of malware or exfiltration, but the capability set is not tightly aligned to the minimal task.