Glimpse Security-Collection of common programming errors

I am convinced that I want to use Glimpse for my project, but I would like to learn a bit more about the security model.

From what I can tell, when you turn Glimpse on, it simply writes a set of cookies to the client. When Glimpse receives these cookies, Glimpse begins to record information for the request and then sends it to the client.

Seems like I could just set the cookies for a site I know uses Glimpse and I would then be able to see their information.

I highly doubt this is how it works, so I would like to know what features are in place to prevent exposing server information.