Skills
skills/alcyone-labs/agent-skills/lightpanda/Gen Agent Trust Hub

lightpanda

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads a platform-specific Lightpanda browser binary from its official GitHub repository during the installation phase.
  • [COMMAND_EXECUTION]: Local shell scripts (start.sh, stop.sh) are used to manage the browser process and handle PID/log files within the runtime directory.
  • [PROMPT_INJECTION]: The skill serves as a surface for indirect prompt injection by fetching data from external URLs.
  • Ingestion points: External web content is ingested through fetch.cjs, structured.cjs, interactive.cjs, and semantic.cjs.
  • Boundary markers: No explicit delimiters or instructions are used to isolate the fetched content from the agent's context.
  • Capability inventory: The skill can execute the local lightpanda binary and perform network requests to fetch external data.
  • Sanitization: Fetched content is returned in its raw format (Markdown or JSON) without sanitization.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 04:15 AM