upload-session
Warn
Audited by Socket on Jun 22, 2026
2 alerts found:
Security (MEDIUM): SKILL.md
Anomaly (LOW): scripts/joestore.mjs
This code is not overtly destructive or covert in the traditional malware sense, but it performs a highly sensitive credential-handling operation: it launches a real browser with remote debugging, uses CDP Runtime.evaluate to harvest an access token from localStorage, persists the token to disk, and uses it to authenticate uploads of local session data to a server. The key supply-chain risk is that this token-harvesting pattern can become credential exfiltration if LOGIN_URL/SERVER_URL are misconfigured or subverted. Treat the package as security-sensitive and verify the intended trust boundaries and server endpoints.
Confidence: 67%
Severity: 66%