I Audited a Claude Code Plugin That Reads All Your Browser Cookies
A security review of millionco/expect — a Claude Code plugin that runs AI-driven browser tests via Playwright. The skill is safe. The CLI decrypts every cookie in your browser.
A security review of millionco/expect — a Claude Code plugin that runs AI-driven browser tests via Playwright. The skill is safe. The CLI decrypts every cookie in your browser.
The skills ecosystem is growing fast. A recent study found malicious payloads in 13% of published skills. Here's what that looks like in practice and what you can do about it.