cbrowser 18.19.0 → 18.22.0

package/dist/index.d.ts

@@ -16,7 +16,7 @@
  * await browser.close();
  * ```
  */
-export { CBrowser } from "./browser.js";
+export { CBrowser, launchBrowserWithFallback, isBrowserNotInstalledError, installPlaywrightBrowsers, getBrowserInstallErrorMessage } from "./browser.js";
 export { getDefaultConfig, getPaths, ensureDirectories, mergeConfig } from "./config.js";
 export type { CBrowserConfig, CBrowserPaths, BrowserType } from "./config.js";
 export * from "./types.js";
@@ -38,4 +38,6 @@ export * from "./values/index.js";
 export { registerAllPublicTools, registerBaseTools, registerPersonaCreationTools, registerAskUserTool, registerEnterpriseStubs, registerNavigationTools, registerInteractionTools, registerExtractionTools, registerAssertionTools, registerAnalysisTools, registerSessionTools, registerHealingTools, registerVisualTestingTools, registerTestingTools, registerBugAnalysisTools, registerPersonaComparisonTools, registerCognitiveTools, registerValuesTools, registerPerformanceTools, registerAuditTools, registerBrowserManagementTools, registerRemediationTools, registerLlmsTxtTools, } from "./mcp-tools/index.js";
 export type { ToolRegistrationContext } from "./mcp-tools/index.js";
 export * from "./security/index.js";
+export { connectToLightpanda, launchWithLightpandaFallback, getLightpandaStatus, isLightpandaConfigured, shouldUseLightpanda, getLightpandaConfig, isSensitiveOperation, LIGHTPANDA_SETUP_GUIDE, LIGHTPANDA_SECURITY_WARNING, LIGHTPANDA_LOCAL_ENDPOINT, LIGHTPANDA_CLOUD_ENDPOINT, } from "./lightpanda.js";
+export type { LightpandaConfig, LightpandaConnectionResult, SensitiveOperation } from "./lightpanda.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACzF,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC9E,cAAc,YAAY,CAAC;AAC3B,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAGnE,cAAc,sBAAsB,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACpF,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,eAAe,EAAE,eAAe,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAIvH,cAAc,mBAAmB,CAAC;AAGlC,cAAc,oBAAoB,CAAC;AAGnC,cAAc,qBAAqB,CAAC;AAGpC,cAAc,wBAAwB,CAAC;AAGvC,cAAc,qBAAqB,CAAC;AAGpC,cAAc,wBAAwB,CAAC;AAGvC,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAG1E,cAAc,oBAAoB,CAAC;AAInC,cAAc,oBAAoB,CAAC;AAGnC,cAAc,4BAA4B,CAAC;AAI3C,cAAc,mBAAmB,CAAC;AAIlC,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,4BAA4B,EAC5B,mBAAmB,EACnB,uBAAuB,EAEvB,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,EACvB,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,0BAA0B,EAC1B,oBAAoB,EACpB,wBAAwB,EACxB,8BAA8B,EAC9B,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,kBAAkB,EAClB,8BAA8B,EAC9B,wBAAwB,EACxB,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAGpE,cAAc,qBAAqB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,QAAQ,EAAE,yBAAyB,EAAE,0BAA0B,EAAE,yBAAyB,EAAE,6BAA6B,EAAE,MAAM,cAAc,CAAC;AACzJ,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACzF,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC9E,cAAc,YAAY,CAAC;AAC3B,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAGnE,cAAc,sBAAsB,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACpF,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,eAAe,EAAE,eAAe,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAIvH,cAAc,mBAAmB,CAAC;AAGlC,cAAc,oBAAoB,CAAC;AAGnC,cAAc,qBAAqB,CAAC;AAGpC,cAAc,wBAAwB,CAAC;AAGvC,cAAc,qBAAqB,CAAC;AAGpC,cAAc,wBAAwB,CAAC;AAGvC,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAG1E,cAAc,oBAAoB,CAAC;AAInC,cAAc,oBAAoB,CAAC;AAGnC,cAAc,4BAA4B,CAAC;AAI3C,cAAc,mBAAmB,CAAC;AAIlC,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,4BAA4B,EAC5B,mBAAmB,EACnB,uBAAuB,EAEvB,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,EACvB,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,0BAA0B,EAC1B,oBAAoB,EACpB,wBAAwB,EACxB,8BAA8B,EAC9B,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,kBAAkB,EAClB,8BAA8B,EAC9B,wBAAwB,EACxB,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAGpE,cAAc,qBAAqB,CAAC;AAKpC,OAAO,EACL,mBAAmB,EACnB,4BAA4B,EAC5B,mBAAmB,EACnB,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,EACnB,oBAAoB,EACpB,sBAAsB,EACtB,2BAA2B,EAC3B,yBAAyB,EACzB,yBAAyB,GAC1B,MAAM,iBAAiB,CAAC;AACzB,YAAY,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/index.js

@@ -16,7 +16,7 @@
  * await browser.close();
  * ```
  */
-export { CBrowser } from "./browser.js";
+export { CBrowser, launchBrowserWithFallback, isBrowserNotInstalledError, installPlaywrightBrowsers, getBrowserInstallErrorMessage } from "./browser.js";
 export { getDefaultConfig, getPaths, ensureDirectories, mergeConfig } from "./config.js";
 export * from "./types.js";
 export { BUILTIN_PERSONAS, registerPersonas } from "./personas.js";
@@ -56,4 +56,8 @@ export { registerAllPublicTools, registerBaseTools, registerPersonaCreationTools
 registerNavigationTools, registerInteractionTools, registerExtractionTools, registerAssertionTools, registerAnalysisTools, registerSessionTools, registerHealingTools, registerVisualTestingTools, registerTestingTools, registerBugAnalysisTools, registerPersonaComparisonTools, registerCognitiveTools, registerValuesTools, registerPerformanceTools, registerAuditTools, registerBrowserManagementTools, registerRemediationTools, registerLlmsTxtTools, } from "./mcp-tools/index.js";
 // Security module (v18.0.0) - Request signing and audit logging
 export * from "./security/index.js";
+// Lightpanda Integration (v18.20.0) - High-performance headless browser
+// Uses CDP connection for 11x faster, 9x less memory headless browsing
+// ⚠️ SECURITY: Opt-in only, no security audit, never for sensitive ops
+export { connectToLightpanda, launchWithLightpandaFallback, getLightpandaStatus, isLightpandaConfigured, shouldUseLightpanda, getLightpandaConfig, isSensitiveOperation, LIGHTPANDA_SETUP_GUIDE, LIGHTPANDA_SECURITY_WARNING, LIGHTPANDA_LOCAL_ENDPOINT, LIGHTPANDA_CLOUD_ENDPOINT, } from "./lightpanda.js";
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEzF,cAAc,YAAY,CAAC;AAC3B,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAEnE,yEAAyE;AACzE,cAAc,sBAAsB,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACpF,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,eAAe,EAAE,eAAe,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEvH,2BAA2B;AAC3B,wBAAwB;AACxB,cAAc,mBAAmB,CAAC;AAElC,iBAAiB;AACjB,cAAc,oBAAoB,CAAC;AAEnC,kBAAkB;AAClB,cAAc,qBAAqB,CAAC;AAEpC,+BAA+B;AAC/B,cAAc,wBAAwB,CAAC;AAEvC,4BAA4B;AAC5B,cAAc,qBAAqB,CAAC;AAEpC,qBAAqB;AACrB,cAAc,wBAAwB,CAAC;AAEvC,6BAA6B;AAC7B,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAE1E,2BAA2B;AAC3B,cAAc,oBAAoB,CAAC;AAEnC,6CAA6C;AAC7C,uDAAuD;AACvD,cAAc,oBAAoB,CAAC;AAEnC,sEAAsE;AACtE,cAAc,4BAA4B,CAAC;AAE3C,2EAA2E;AAC3E,oEAAoE;AACpE,cAAc,mBAAmB,CAAC;AAElC,sDAAsD;AACtD,6DAA6D;AAC7D,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,4BAA4B,EAC5B,mBAAmB,EACnB,uBAAuB;AACvB,8CAA8C;AAC9C,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,EACvB,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,0BAA0B,EAC1B,oBAAoB,EACpB,wBAAwB,EACxB,8BAA8B,EAC9B,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,kBAAkB,EAClB,8BAA8B,EAC9B,wBAAwB,EACxB,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAG9B,gEAAgE;AAChE,cAAc,qBAAqB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,QAAQ,EAAE,yBAAyB,EAAE,0BAA0B,EAAE,yBAAyB,EAAE,6BAA6B,EAAE,MAAM,cAAc,CAAC;AACzJ,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEzF,cAAc,YAAY,CAAC;AAC3B,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAEnE,yEAAyE;AACzE,cAAc,sBAAsB,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACpF,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,eAAe,EAAE,eAAe,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEvH,2BAA2B;AAC3B,wBAAwB;AACxB,cAAc,mBAAmB,CAAC;AAElC,iBAAiB;AACjB,cAAc,oBAAoB,CAAC;AAEnC,kBAAkB;AAClB,cAAc,qBAAqB,CAAC;AAEpC,+BAA+B;AAC/B,cAAc,wBAAwB,CAAC;AAEvC,4BAA4B;AAC5B,cAAc,qBAAqB,CAAC;AAEpC,qBAAqB;AACrB,cAAc,wBAAwB,CAAC;AAEvC,6BAA6B;AAC7B,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAE1E,2BAA2B;AAC3B,cAAc,oBAAoB,CAAC;AAEnC,6CAA6C;AAC7C,uDAAuD;AACvD,cAAc,oBAAoB,CAAC;AAEnC,sEAAsE;AACtE,cAAc,4BAA4B,CAAC;AAE3C,2EAA2E;AAC3E,oEAAoE;AACpE,cAAc,mBAAmB,CAAC;AAElC,sDAAsD;AACtD,6DAA6D;AAC7D,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,4BAA4B,EAC5B,mBAAmB,EACnB,uBAAuB;AACvB,8CAA8C;AAC9C,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,EACvB,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,0BAA0B,EAC1B,oBAAoB,EACpB,wBAAwB,EACxB,8BAA8B,EAC9B,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,kBAAkB,EAClB,8BAA8B,EAC9B,wBAAwB,EACxB,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAG9B,gEAAgE;AAChE,cAAc,qBAAqB,CAAC;AAEpC,wEAAwE;AACxE,uEAAuE;AACvE,uEAAuE;AACvE,OAAO,EACL,mBAAmB,EACnB,4BAA4B,EAC5B,mBAAmB,EACnB,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,EACnB,oBAAoB,EACpB,sBAAsB,EACtB,2BAA2B,EAC3B,yBAAyB,EACzB,yBAAyB,GAC1B,MAAM,iBAAiB,CAAC"}

package/dist/lightpanda.d.ts

@@ -0,0 +1,184 @@
+/**
+ * CBrowser - Cognitive Browser Automation
+ * Copyright 2026 Alexandria Eden alexandria.shai.eden@gmail.com
+ * Learn more at https://cbrowser.ai - MIT License
+ */
+/**
+ * Lightpanda Integration
+ *
+ * Lightpanda is a high-performance headless browser written in Zig.
+ * It's 11x faster and uses 9x less memory than Chrome headless.
+ *
+ * This module provides CDP-based integration with Playwright, allowing
+ * CBrowser to use Lightpanda as an alternative browser backend.
+ *
+ * ⚠️ SECURITY NOTICE:
+ * - Lightpanda is BETA software with no formal security audit
+ * - No SECURITY.md or vulnerability disclosure policy
+ * - Cloud mode routes traffic through lightpanda.io servers
+ * - Never use for credential handling or sensitive operations
+ *
+ * @see https://lightpanda.io/
+ * @see https://github.com/lightpanda-io/browser
+ * @since 18.20.0
+ */
+import { chromium, type Browser } from "playwright";
+/**
+ * Lightpanda connection configuration
+ */
+export interface LightpandaConfig {
+    /** WebSocket endpoint (e.g., ws://127.0.0.1:9222, wss://cloud.lightpanda.io/ws) */
+    endpoint?: string;
+    /** API token for cloud connections */
+    token?: string;
+    /** Connection timeout in ms (default: 30000) */
+    timeout?: number;
+    /** Explicitly opt-in to Lightpanda (required for use) */
+    explicitOptIn?: boolean;
+}
+/**
+ * Lightpanda connection result
+ */
+export interface LightpandaConnectionResult {
+    success: boolean;
+    browser?: Browser;
+    endpoint?: string;
+    error?: string;
+    isCloud: boolean;
+    /** Security warning if using cloud mode */
+    securityWarning?: string;
+}
+/**
+ * Operations that should NEVER use Lightpanda due to security concerns
+ */
+export type SensitiveOperation = "auth" | "login" | "credential" | "payment" | "checkout" | "password" | "2fa" | "mfa" | "oauth";
+/**
+ * Default local endpoint for Lightpanda
+ */
+export declare const LIGHTPANDA_LOCAL_ENDPOINT = "ws://127.0.0.1:9222";
+/**
+ * Cloud endpoint template
+ */
+export declare const LIGHTPANDA_CLOUD_ENDPOINT = "wss://euwest.cloud.lightpanda.io/ws";
+/**
+ * Get Lightpanda configuration from environment variables
+ */
+export declare function getLightpandaConfig(): LightpandaConfig;
+/**
+ * Check if Lightpanda is configured (env vars set)
+ */
+export declare function isLightpandaConfigured(): boolean;
+/**
+ * Check if an operation is sensitive and should never use Lightpanda
+ */
+export declare function isSensitiveOperation(operation?: string): boolean;
+/**
+ * Check if Lightpanda should be used for the current operation
+ *
+ * SECURITY: Lightpanda is OPT-IN ONLY. It will NOT be used automatically
+ * even if configured. The caller must explicitly set explicitOptIn: true.
+ *
+ * Lightpanda is suitable for:
+ * - Agent-ready audits (public page analysis)
+ * - Empathy audits (accessibility testing)
+ * - Web scraping of public content
+ * - Performance-critical batch operations
+ *
+ * Lightpanda is NOT suitable for:
+ * - Any authentication flows
+ * - Credential handling
+ * - Payment/checkout flows
+ * - Visual regression testing
+ * - Cross-browser testing
+ */
+export declare function shouldUseLightpanda(options: {
+    headless?: boolean;
+    requiresVisualAccuracy?: boolean;
+    browserType?: string;
+    /** Must be true to enable Lightpanda */
+    explicitOptIn?: boolean;
+    /** Operation name - checked against sensitive patterns */
+    operation?: string;
+}): boolean;
+/**
+ * Build the Lightpanda WebSocket URL
+ */
+export declare function buildLightpandaUrl(config: LightpandaConfig): string;
+/**
+ * Check if a Lightpanda server is available at the given endpoint
+ *
+ * Uses Playwright's connectOverCDP with a short timeout to verify connectivity.
+ */
+export declare function checkLightpandaAvailability(endpoint?: string, timeout?: number): Promise<boolean>;
+/**
+ * Connect to Lightpanda via CDP
+ *
+ * Lightpanda exposes a Chrome DevTools Protocol (CDP) interface,
+ * which Playwright can connect to using chromium.connectOverCDP().
+ *
+ * ⚠️ SECURITY: Cloud connections route traffic through lightpanda.io.
+ * Never use for sensitive operations.
+ *
+ * @example
+ * ```typescript
+ * // Local Lightpanda instance (recommended)
+ * const result = await connectToLightpanda({ endpoint: "ws://127.0.0.1:9222" });
+ *
+ * // Lightpanda Cloud (⚠️ traffic visible to lightpanda.io)
+ * const result = await connectToLightpanda({ token: "your-api-token" });
+ * ```
+ */
+export declare function connectToLightpanda(config?: LightpandaConfig): Promise<LightpandaConnectionResult>;
+/**
+ * Launch a browser with Lightpanda (OPT-IN ONLY)
+ *
+ * ⚠️ SECURITY: Lightpanda is NOT used automatically. You must explicitly
+ * set explicitOptIn: true to use it. This is a security measure because:
+ * - Lightpanda is beta software with no security audit
+ * - Cloud mode exposes traffic to third party
+ * - It should never be used for sensitive operations
+ *
+ * @example
+ * ```typescript
+ * // Explicit opt-in required
+ * const { browser, isLightpanda } = await launchWithLightpandaFallback({
+ *   headless: true,
+ *   explicitOptIn: true,  // Required!
+ *   operation: "agent-ready-audit",  // Checked against sensitive patterns
+ * });
+ * ```
+ */
+export declare function launchWithLightpandaFallback(options: {
+    headless?: boolean;
+    requiresVisualAccuracy?: boolean;
+    browserType?: "chromium" | "firefox" | "webkit";
+    launchOptions?: Parameters<typeof chromium.launch>[0];
+    /** Must be true to enable Lightpanda - OPT-IN ONLY */
+    explicitOptIn?: boolean;
+    /** Operation name - sensitive operations are blocked */
+    operation?: string;
+}): Promise<{
+    browser: Browser;
+    isLightpanda: boolean;
+    securityWarning?: string;
+}>;
+/**
+ * Get Lightpanda status information
+ */
+export declare function getLightpandaStatus(): Promise<{
+    configured: boolean;
+    available: boolean;
+    endpoint: string;
+    isCloud: boolean;
+    error?: string;
+    securityWarning?: string;
+}>;
+/**
+ * Lightpanda setup instructions with security warnings
+ */
+export declare const LIGHTPANDA_SETUP_GUIDE = "\n\u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557\n\u2551  Lightpanda Setup - High-Performance Headless Browser                        \u2551\n\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D\n\nLightpanda is 11x faster and uses 9x less memory than Chrome headless.\nIt's ideal for AI agents, web scraping, and automated testing.\n\n\u2501\u2501\u2501 \u26A0\uFE0F SECURITY NOTICE \u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nLightpanda is BETA software. Before using, understand:\n\n  \uD83D\uDD34 NO SECURITY AUDIT - No formal security review or SECURITY.md\n  \uD83D\uDD34 BETA STATUS - Crashes and bugs are expected\n  \uD83D\uDD34 CLOUD EXPOSURE - Cloud mode routes traffic through lightpanda.io\n  \uD83D\uDD34 OPT-IN ONLY - Requires explicit --lightpanda flag\n\nNEVER use Lightpanda for:\n  \u2717 Authentication or login flows\n  \u2717 Credential or password handling\n  \u2717 Payment or checkout processes\n  \u2717 Any sensitive data operations\n\n\u2501\u2501\u2501 Option 1: Local Installation (Recommended) \u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nDocker (isolates Lightpanda from your system):\n  docker run -d --name lightpanda -p 9222:9222 lightpanda/browser:nightly\n\nBinary (Linux/macOS):\n  curl -LO https://github.com/lightpanda-io/browser/releases/latest/download/lightpanda\n  chmod +x lightpanda\n  ./lightpanda serve --host 127.0.0.1 --port 9222\n\nThen set environment variable:\n  export LIGHTPANDA_ENDPOINT=ws://127.0.0.1:9222\n\n\u2501\u2501\u2501 Option 2: Lightpanda Cloud (\u26A0\uFE0F Third-Party Data Exposure) \u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nWARNING: Cloud mode sends ALL browser traffic through lightpanda.io servers.\nThey can see: URLs, page content, cookies, form submissions.\n\nOnly use for PUBLIC content you don't mind sharing.\n\n1. Sign up at https://lightpanda.io/\n2. Get your API token from the dashboard\n3. Set environment variable:\n   export LIGHTPANDA_TOKEN=your-api-token\n\n\u2501\u2501\u2501 Usage (OPT-IN REQUIRED) \u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nLightpanda is NOT used automatically. You must explicitly opt-in:\n\n  # Check status\n  npx cbrowser lightpanda-status\n\n  # Take screenshot with Lightpanda (--lightpanda flag required)\n  npx cbrowser screenshot https://example.com --lightpanda\n\n  # Run audit with Lightpanda\n  npx cbrowser agent-ready-audit https://example.com --lightpanda\n\n\u2501\u2501\u2501 When to Use Lightpanda \u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\n\u2705 Good for (public, non-sensitive):\n  \u2022 Agent-ready audits on public sites\n  \u2022 Empathy audits (accessibility testing)\n  \u2022 Web scraping public content\n  \u2022 Performance benchmarking\n  \u2022 Batch operations on public pages\n\n\u274C Never use for:\n  \u2022 Visual regression testing (different rendering)\n  \u2022 Cross-browser testing (Chromium only)\n  \u2022 Authentication flows\n  \u2022 Any operation with credentials\n  \u2022 Payment or checkout testing\n\n\u2501\u2501\u2501 More Information \u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nGitHub: https://github.com/lightpanda-io/browser\nDocumentation: https://lightpanda.io/docs\nCBrowser Integration: https://cbrowser.ai/docs/lightpanda\n";
+/**
+ * Security warning constant for display
+ */
+export declare const LIGHTPANDA_SECURITY_WARNING: string;
+//# sourceMappingURL=lightpanda.d.ts.map

package/dist/lightpanda.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lightpanda.d.ts","sourceRoot":"","sources":["../src/lightpanda.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,QAAQ,EAAE,KAAK,OAAO,EAAE,MAAM,YAAY,CAAC;AAEpD;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,mFAAmF;IACnF,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,sCAAsC;IACtC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gDAAgD;IAChD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,yDAAyD;IACzD,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;IACjB,2CAA2C;IAC3C,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAC1B,MAAM,GACN,OAAO,GACP,YAAY,GACZ,SAAS,GACT,UAAU,GACV,UAAU,GACV,KAAK,GACL,KAAK,GACL,OAAO,CAAC;AAEZ;;GAEG;AACH,eAAO,MAAM,yBAAyB,wBAAwB,CAAC;AAE/D;;GAEG;AACH,eAAO,MAAM,yBAAyB,wCAAwC,CAAC;AAE/E;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,gBAAgB,CAOtD;AAED;;GAEG;AACH,wBAAgB,sBAAsB,IAAI,OAAO,CAGhD;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAehE;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE;IAC3C,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,wCAAwC;IACxC,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,0DAA0D;IAC1D,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,GAAG,OAAO,CA+BV;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,CAmBnE;AAED;;;;GAIG;AACH,wBAAsB,2BAA2B,CAC/C,QAAQ,GAAE,MAAkC,EAC5C,OAAO,GAAE,MAAa,GACrB,OAAO,CAAC,OAAO,CAAC,CAQlB;AAqBD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,mBAAmB,CACvC,MAAM,CAAC,EAAE,gBAAgB,GACxB,OAAO,CAAC,0BAA0B,CAAC,CAsCrC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,4BAA4B,CAAC,OAAO,EAAE;IAC1D,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC,WAAW,CAAC,EAAE,UAAU,GAAG,SAAS,GAAG,QAAQ,CAAC;IAChD,aAAa,CAAC,EAAE,UAAU,CAAC,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACtD,sDAAsD;IACtD,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,wDAAwD;IACxD,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,GAAG,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,YAAY,EAAE,OAAO,CAAC;IAAC,eAAe,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAgDjF;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC;IACnD,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC,CAsCD;AAED;;GAEG;AACH,eAAO,MAAM,sBAAsB,+yKAkFlC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,QAUhC,CAAC"}

package/dist/lightpanda.js

@@ -0,0 +1,416 @@
+/**
+ * CBrowser - Cognitive Browser Automation
+ * Copyright 2026 Alexandria Eden alexandria.shai.eden@gmail.com
+ * Learn more at https://cbrowser.ai - MIT License
+ */
+/**
+ * Lightpanda Integration
+ *
+ * Lightpanda is a high-performance headless browser written in Zig.
+ * It's 11x faster and uses 9x less memory than Chrome headless.
+ *
+ * This module provides CDP-based integration with Playwright, allowing
+ * CBrowser to use Lightpanda as an alternative browser backend.
+ *
+ * ⚠️ SECURITY NOTICE:
+ * - Lightpanda is BETA software with no formal security audit
+ * - No SECURITY.md or vulnerability disclosure policy
+ * - Cloud mode routes traffic through lightpanda.io servers
+ * - Never use for credential handling or sensitive operations
+ *
+ * @see https://lightpanda.io/
+ * @see https://github.com/lightpanda-io/browser
+ * @since 18.20.0
+ */
+import { chromium } from "playwright";
+/**
+ * Default local endpoint for Lightpanda
+ */
+export const LIGHTPANDA_LOCAL_ENDPOINT = "ws://127.0.0.1:9222";
+/**
+ * Cloud endpoint template
+ */
+export const LIGHTPANDA_CLOUD_ENDPOINT = "wss://euwest.cloud.lightpanda.io/ws";
+/**
+ * Get Lightpanda configuration from environment variables
+ */
+export function getLightpandaConfig() {
+    return {
+        endpoint: process.env.LIGHTPANDA_ENDPOINT,
+        token: process.env.LIGHTPANDA_TOKEN,
+        timeout: parseInt(process.env.LIGHTPANDA_TIMEOUT || "30000", 10) || 30000,
+        explicitOptIn: false, // Must be explicitly set
+    };
+}
+/**
+ * Check if Lightpanda is configured (env vars set)
+ */
+export function isLightpandaConfigured() {
+    const config = getLightpandaConfig();
+    return !!(config.endpoint || config.token);
+}
+/**
+ * Check if an operation is sensitive and should never use Lightpanda
+ */
+export function isSensitiveOperation(operation) {
+    if (!operation)
+        return false;
+    const lower = operation.toLowerCase();
+    const sensitivePatterns = [
+        "auth",
+        "login",
+        "credential",
+        "payment",
+        "checkout",
+        "password",
+        "2fa",
+        "mfa",
+        "oauth",
+    ];
+    return sensitivePatterns.some((pattern) => lower.includes(pattern));
+}
+/**
+ * Check if Lightpanda should be used for the current operation
+ *
+ * SECURITY: Lightpanda is OPT-IN ONLY. It will NOT be used automatically
+ * even if configured. The caller must explicitly set explicitOptIn: true.
+ *
+ * Lightpanda is suitable for:
+ * - Agent-ready audits (public page analysis)
+ * - Empathy audits (accessibility testing)
+ * - Web scraping of public content
+ * - Performance-critical batch operations
+ *
+ * Lightpanda is NOT suitable for:
+ * - Any authentication flows
+ * - Credential handling
+ * - Payment/checkout flows
+ * - Visual regression testing
+ * - Cross-browser testing
+ */
+export function shouldUseLightpanda(options) {
+    // SECURITY: Require explicit opt-in
+    if (!options.explicitOptIn) {
+        return false;
+    }
+    // SECURITY: Block sensitive operations
+    if (isSensitiveOperation(options.operation)) {
+        if (process.env.CBROWSER_VERBOSE === "true") {
+            console.log(`⚠️  Lightpanda blocked for sensitive operation: ${options.operation}`);
+        }
+        return false;
+    }
+    // Only use Lightpanda for headless chromium operations
+    if (options.browserType && options.browserType !== "chromium") {
+        return false;
+    }
+    // Don't use for visual accuracy requirements
+    if (options.requiresVisualAccuracy) {
+        return false;
+    }
+    // Only use for headless mode
+    if (options.headless === false) {
+        return false;
+    }
+    // Check if configured
+    return isLightpandaConfigured();
+}
+/**
+ * Build the Lightpanda WebSocket URL
+ */
+export function buildLightpandaUrl(config) {
+    // If explicit endpoint provided, use it
+    if (config.endpoint) {
+        let url = config.endpoint;
+        // Append token if provided and endpoint doesn't have it
+        if (config.token && !url.includes("token=")) {
+            const separator = url.includes("?") ? "&" : "?";
+            url = `${url}${separator}token=${config.token}`;
+        }
+        return url;
+    }
+    // If only token provided, use cloud endpoint
+    if (config.token) {
+        return `${LIGHTPANDA_CLOUD_ENDPOINT}?token=${config.token}`;
+    }
+    // Default to local endpoint
+    return LIGHTPANDA_LOCAL_ENDPOINT;
+}
+/**
+ * Check if a Lightpanda server is available at the given endpoint
+ *
+ * Uses Playwright's connectOverCDP with a short timeout to verify connectivity.
+ */
+export async function checkLightpandaAvailability(endpoint = LIGHTPANDA_LOCAL_ENDPOINT, timeout = 5000) {
+    try {
+        const browser = await chromium.connectOverCDP(endpoint, { timeout });
+        await browser.close();
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Get security warning for cloud mode
+ */
+function getCloudSecurityWarning() {
+    return `
+⚠️  CLOUD MODE SECURITY WARNING:
+   Your browser traffic will be routed through lightpanda.io servers.
+   They can see: URLs visited, page content, cookies, and form data.
+
+   DO NOT use cloud mode for:
+   • Authentication flows
+   • Handling credentials or passwords
+   • Payment or checkout processes
+   • Any sensitive data
+
+   For sensitive operations, use local Lightpanda or Playwright Chromium.
+`.trim();
+}
+/**
+ * Connect to Lightpanda via CDP
+ *
+ * Lightpanda exposes a Chrome DevTools Protocol (CDP) interface,
+ * which Playwright can connect to using chromium.connectOverCDP().
+ *
+ * ⚠️ SECURITY: Cloud connections route traffic through lightpanda.io.
+ * Never use for sensitive operations.
+ *
+ * @example
+ * ```typescript
+ * // Local Lightpanda instance (recommended)
+ * const result = await connectToLightpanda({ endpoint: "ws://127.0.0.1:9222" });
+ *
+ * // Lightpanda Cloud (⚠️ traffic visible to lightpanda.io)
+ * const result = await connectToLightpanda({ token: "your-api-token" });
+ * ```
+ */
+export async function connectToLightpanda(config) {
+    const cfg = config || getLightpandaConfig();
+    const endpoint = buildLightpandaUrl(cfg);
+    const isCloud = endpoint.includes("cloud.lightpanda.io");
+    // Add security warning for cloud mode
+    const securityWarning = isCloud ? getCloudSecurityWarning() : undefined;
+    if (isCloud && process.env.CBROWSER_VERBOSE === "true") {
+        console.log(securityWarning);
+    }
+    try {
+        // Use Playwright's CDP connection
+        const browser = await chromium.connectOverCDP(endpoint, {
+            timeout: cfg.timeout || 30000,
+        });
+        console.log(`🐼 Connected to Lightpanda ${isCloud ? "(Cloud ⚠️)" : "(Local)"}`);
+        return {
+            success: true,
+            browser,
+            endpoint,
+            isCloud,
+            securityWarning,
+        };
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        return {
+            success: false,
+            error: `Failed to connect to Lightpanda at ${endpoint}: ${message}`,
+            endpoint,
+            isCloud,
+            securityWarning,
+        };
+    }
+}
+/**
+ * Launch a browser with Lightpanda (OPT-IN ONLY)
+ *
+ * ⚠️ SECURITY: Lightpanda is NOT used automatically. You must explicitly
+ * set explicitOptIn: true to use it. This is a security measure because:
+ * - Lightpanda is beta software with no security audit
+ * - Cloud mode exposes traffic to third party
+ * - It should never be used for sensitive operations
+ *
+ * @example
+ * ```typescript
+ * // Explicit opt-in required
+ * const { browser, isLightpanda } = await launchWithLightpandaFallback({
+ *   headless: true,
+ *   explicitOptIn: true,  // Required!
+ *   operation: "agent-ready-audit",  // Checked against sensitive patterns
+ * });
+ * ```
+ */
+export async function launchWithLightpandaFallback(options) {
+    const { headless = true, requiresVisualAccuracy = false, browserType = "chromium", launchOptions = {}, explicitOptIn = false, operation, } = options;
+    // Check if we should try Lightpanda (requires explicit opt-in)
+    if (shouldUseLightpanda({ headless, requiresVisualAccuracy, browserType, explicitOptIn, operation })) {
+        const result = await connectToLightpanda();
+        if (result.success && result.browser) {
+            return {
+                browser: result.browser,
+                isLightpanda: true,
+                securityWarning: result.securityWarning,
+            };
+        }
+        // Log fallback reason if verbose
+        if (process.env.CBROWSER_VERBOSE === "true") {
+            console.log(`⚠️  Lightpanda unavailable: ${result.error}`);
+            console.log("   Falling back to Playwright Chromium...");
+        }
+    }
+    // Fall back to Playwright
+    const { chromium: playwrightChromium, firefox, webkit } = await import("playwright");
+    const launchers = {
+        chromium: playwrightChromium,
+        firefox,
+        webkit,
+    };
+    const launcher = launchers[browserType] || playwrightChromium;
+    const browser = await launcher.launch({
+        headless,
+        ...launchOptions,
+    });
+    return {
+        browser,
+        isLightpanda: false,
+    };
+}
+/**
+ * Get Lightpanda status information
+ */
+export async function getLightpandaStatus() {
+    const config = getLightpandaConfig();
+    const configured = isLightpandaConfigured();
+    const endpoint = buildLightpandaUrl(config);
+    const isCloud = endpoint.includes("cloud.lightpanda.io");
+    const securityWarning = isCloud ? getCloudSecurityWarning() : undefined;
+    if (!configured) {
+        return {
+            configured: false,
+            available: false,
+            endpoint: LIGHTPANDA_LOCAL_ENDPOINT,
+            isCloud: false,
+        };
+    }
+    // Try to connect
+    const result = await connectToLightpanda(config);
+    if (result.success && result.browser) {
+        await result.browser.close();
+        return {
+            configured: true,
+            available: true,
+            endpoint,
+            isCloud,
+            securityWarning,
+        };
+    }
+    return {
+        configured: true,
+        available: false,
+        endpoint,
+        isCloud,
+        error: result.error,
+        securityWarning,
+    };
+}
+/**
+ * Lightpanda setup instructions with security warnings
+ */
+export const LIGHTPANDA_SETUP_GUIDE = `
+╔══════════════════════════════════════════════════════════════════════════════╗
+║  Lightpanda Setup - High-Performance Headless Browser                        ║
+╚══════════════════════════════════════════════════════════════════════════════╝
+
+Lightpanda is 11x faster and uses 9x less memory than Chrome headless.
+It's ideal for AI agents, web scraping, and automated testing.
+
+━━━ ⚠️ SECURITY NOTICE ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+Lightpanda is BETA software. Before using, understand:
+
+  🔴 NO SECURITY AUDIT - No formal security review or SECURITY.md
+  🔴 BETA STATUS - Crashes and bugs are expected
+  🔴 CLOUD EXPOSURE - Cloud mode routes traffic through lightpanda.io
+  🔴 OPT-IN ONLY - Requires explicit --lightpanda flag
+
+NEVER use Lightpanda for:
+  ✗ Authentication or login flows
+  ✗ Credential or password handling
+  ✗ Payment or checkout processes
+  ✗ Any sensitive data operations
+
+━━━ Option 1: Local Installation (Recommended) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+Docker (isolates Lightpanda from your system):
+  docker run -d --name lightpanda -p 9222:9222 lightpanda/browser:nightly
+
+Binary (Linux/macOS):
+  curl -LO https://github.com/lightpanda-io/browser/releases/latest/download/lightpanda
+  chmod +x lightpanda
+  ./lightpanda serve --host 127.0.0.1 --port 9222
+
+Then set environment variable:
+  export LIGHTPANDA_ENDPOINT=ws://127.0.0.1:9222
+
+━━━ Option 2: Lightpanda Cloud (⚠️ Third-Party Data Exposure) ━━━━━━━━━━━━━━━━
+
+WARNING: Cloud mode sends ALL browser traffic through lightpanda.io servers.
+They can see: URLs, page content, cookies, form submissions.
+
+Only use for PUBLIC content you don't mind sharing.
+
+1. Sign up at https://lightpanda.io/
+2. Get your API token from the dashboard
+3. Set environment variable:
+   export LIGHTPANDA_TOKEN=your-api-token
+
+━━━ Usage (OPT-IN REQUIRED) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+Lightpanda is NOT used automatically. You must explicitly opt-in:
+
+  # Check status
+  npx cbrowser lightpanda-status
+
+  # Take screenshot with Lightpanda (--lightpanda flag required)
+  npx cbrowser screenshot https://example.com --lightpanda
+
+  # Run audit with Lightpanda
+  npx cbrowser agent-ready-audit https://example.com --lightpanda
+
+━━━ When to Use Lightpanda ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+✅ Good for (public, non-sensitive):
+  • Agent-ready audits on public sites
+  • Empathy audits (accessibility testing)
+  • Web scraping public content
+  • Performance benchmarking
+  • Batch operations on public pages
+
+❌ Never use for:
+  • Visual regression testing (different rendering)
+  • Cross-browser testing (Chromium only)
+  • Authentication flows
+  • Any operation with credentials
+  • Payment or checkout testing
+
+━━━ More Information ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+GitHub: https://github.com/lightpanda-io/browser
+Documentation: https://lightpanda.io/docs
+CBrowser Integration: https://cbrowser.ai/docs/lightpanda
+`;
+/**
+ * Security warning constant for display
+ */
+export const LIGHTPANDA_SECURITY_WARNING = `
+⚠️  LIGHTPANDA SECURITY NOTICE
+
+Lightpanda is beta software with no formal security audit.
+• No SECURITY.md or vulnerability disclosure process
+• No third-party code audit documented
+• Cloud mode exposes traffic to lightpanda.io servers
+
+Use only for public, non-sensitive operations.
+Never use for authentication, credentials, or payments.
+`.trim();
+//# sourceMappingURL=lightpanda.js.map