Skills
skills/whoamihappyhacking/lazycat-skills/lazycat-lpk-builder/Gen Agent Trust Hub

lazycat-lpk-builder

Warn

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The lzc-manifest.yml specification supports an injects field, which allows applications to load and execute scripts from external HTTPS sources.
  • Evidence: references/manifest-spec.md demonstrates an example configuration where a script is fetched from https://dev.example.com/inject.js and injected into matched HTML pages.
  • [COMMAND_EXECUTION]: The skill facilitates the execution of arbitrary shell commands through build and initialization scripts.
  • Evidence: The buildscript field in lzc-build.yml (referenced in SKILL.md and references/build-spec.md) defines a script (e.g., sh build.sh) to be executed on the host during the packaging process.
  • Evidence: The setup_script field in lzc-manifest.yml allows for the execution of root-level commands within the service container before the main application starts.
  • [EXTERNAL_DOWNLOADS]: The skill describes methods for automatically fetching and installing software dependencies from remote repositories.
  • Evidence: The devshell configuration in references/build-spec.md specifies the installation of packages like nodejs, npm, and python3 from well-known mirrors (Tsinghua and NPM Mirror).
  • [COMMAND_EXECUTION]: The documentation provides instructions on how to grant applications high-level privileges, such as netadmin (for network system calls) and full Docker privileged mode.
  • Evidence: references/manifest-spec.md details the netadmin boolean and references/troubleshooting.md explains using compose_override to grant capabilities like cap_add or privileged: true to containers.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 7, 2026, 12:25 PM