[giobox]

> aside from being a flavor of cookie, I guess

I suspect you have answered your own question - historically cookies in the browser have been one way to identify and control what a user can access, I'm guessing authors have continued the small baked goods theme in naming their own access token.

[JohnFen]

Perhaps I needed to be more specific in my question. "It's a flavor of cookie" doesn't satisfy my curiosity. What I really want to know is why a special term was invented for it in the first place.

[positiveblue]

Well, the answer is "I do not know"

Now, if I had to guess, this are "a new kind of cookies" so they just took a name that went with it (like they did with biscuits https://www.biscuitsec.org/)

There are many chances that they got he name wrong and they meant Macaron (with one O instead of two). Those are "layered" cookies, which bring some resemblance on how "caveats" can be understood.