[Brave Shield] Don't trust external filter lists by default

[superlex]

Description

tusted- scriptlets in external filter lists should be ignored by default

Steps to Reproduce

1. Add a filter list that contains example.org##+js(trusted-set-cookie, excookie, example)
2. See that excookie cookie is set with value example

Actual result:

excookie cookie is set with value example

Expected result:

excookie cookie is not set at all

Reproduces how often: Easily reproduced

Desktop Brave version: 1.60.114

Android Device details:

• Install type (ARM, x86):
• Device type (Phone, Tablet, Phablet):
• Android version:

Version/Channel Information:

• Can you reproduce this issue with the current release? Yes
• Can you reproduce this issue with the beta channel?
• Can you reproduce this issue with the nightly channel?

Other Additional Information:

• Does the issue resolve itself when disabling Brave Shields? Yes
• Does the issue resolve itself when disabling Brave Rewards?
• Is the issue reproducible on the latest version of Chrome?

Miscellaneous Information:

[diracdeltas]

@ryanbr @antonok-edm is this expected behavior

[superlex]

In addition,

• trusted-click-element can redirect in another site;
• replace-node-text can replace scripts;
• and so on.

So I think that only internal brave/ublock0 filter lists should be considered trusted by default.

Then a user could/should be able to trust other filter lists with advanced settings, e.g. via brave://adblock or brave://flags.