It loves html & css but is skeptical about cookies, scripts and plugins

Cookies and scripts are supported but are disabled by default. They can be enabled for trusted sites. There are no plans for plugins yet.

Its internal modules are firmly sandboxed

For example, the css module can't access your filesystem nor can cookie code access the network. This is in addition to the sandboxing and same-origin policies of a typical browser.

It is built with a high-level language and runtime (Java)