Skills
skills/parkyoungwoong/skills/lighthouse/Gen Agent Trust Hub

lighthouse

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: T h e s k i l l e m p l o y s s e v e r a l s h e l l c o m m a n d s f o r i t s o p e r a t i o n:
  • c u r l i s u s e d t o v e r i f y s e r v e r a v a i l a b i l i t y b e f o r e a u d i t i n g.
  • l s a n d w h i c h a r e u s e d t o d e t e c t C h r o m e o r C h r o m i u m b r o w s e r i n s t a l l a t i o n s.
  • n p x @l h c i / c l i c o l l e c t i s u s e d t o e x e c u t e t h e a u d i t.
  • `r m
  • r f . / . l i g h t h o u s e c i` i s u s e d t o c l e a n u p t e m p o r a r y a u d i t f i l e s.
  • [EXTERNAL_DOWNLOADS]: F e t c h e s a n d e x e c u t e s t h e @l h c i / c l i p a c k a g e f r o m n p m u s i n g n p x.T h i s i s t h e o f f i c i a l C L I f o r G o o g l e L i g h t h o u s e C I.
  • [PROMPT_INJECTION]: E x h i b i t s a n i n d i r e c t p r o m p t i n j e c t i o n s u r f a c e b y p r o c e s s i n g l o c a l r e p o s i t o r y f i l e s:
  • In g e s t i o n p o i n t s: R e a d s p r o j e c t c o n f i g u r a t i o n f i l e s l i k e n e x t.c o n f i g.j s, a n g u l a r.j s o n, a n d L i g h t h o u s e-s p e c i f i c c o n f i g s s u c h a s .l i g h t h o u s e r c.j s t o i n f e r U R L s a n d a u d i t s e t t i n g s.
  • Bou n d a r y m a r k e r s: N o e x p l i c i t b o u n d a r y m a r k e r s o r i n s t r u c t i o n s a r e g i v e n t o t h e a g e n t t o d i s r e g a r d m a l i c i o u s i n s t r u c t i n g s t h a t m i g h t b e p r e s e n t i n t h e s e f i l e s.
  • Cap a b i l i t y i n v e n t o r y: T h e s k i l l c a n e x e c u t e s h e l l c o m m a n d s a n d m a k e c o d e c h a n g e s b a s e d o n t h e a u d i t r e s u l t s.
  • San i t i z a t i o n: T h e r e i s n o e v i d e n c e o f s a n i t i z a t i o n f o r v a r i a b l e s (e.g., {U R L}) t h a t a r e e x t r a c t e d f r o m l o c a l c o n f i g s a n d p a s s e d i n t o s h e l l c o m m a n d s,w h i c h c o u l d l e a d t o c o m m a n d i n j e c t i o n i f t h e r e p o s i t o r y i s a t t a c k e r-c o n t r o l l e d.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 06:32 AM