agentcookie-install
Audited by Socket on Jun 14, 2026
2 alerts found:
SecurityAnomalyThe provided content is an automation prompt/runbook rather than executable code. It directs an agent to perform unattended local and remote installation of a service that syncs Chrome sessions, explicitly reading a sensitive pairing secret from `~/.agentcookie/pairing.json` and using it to authorize a remote installer over SSH/Tailscale. While the fragment contains no explicit obfuscated payloads or exfiltration targets, the workflow is high-impact and abuse-prone due to remote execution plus secret transfer and the privacy sensitivity of Chrome session synchronization. Verification should focus on the legitimacy of the `agentcookie` package, the security of the pairing secret lifecycle, and the trust model of the automation agent controlling remote commands.