Lightpanda

Fail

Audited by Snyk on May 30, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). These URLs include direct downloads of unsigned "nightly" binaries hosted on a relatively unknown GitHub repo (lightpanda-io/browser) — a common vector for distributing executables — so despite the script attempting checksum verification via the repo metadata, installing/running these untrusted nightly binaries poses a moderate-to-high risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). The required runtime workflow for this skill is using Lightpanda to goto/fetch arbitrary user-supplied URLs and then ingest the resulting page content (e.g., markdown, semantic_tree, mcp://page/markdown) into the agent’s LLM context, which is outsider-authored free text from public web pages.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
May 30, 2026, 04:09 PM
Issues
3
Security Audit — snyk — Lightpanda