Comment by Osmose

I wrote a post about the UITour parts a long time ago: https://www.mkelly.me/blog/content-uitourjs/

It's pretty standard among browsers. The risk should be about equal to someone spoofing the domains that the browser downloads software updates from, and you can turn it off via prefs if you really don't want it.