docker-helper
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill contains multiple shell scripts and snippets for interacting with the Docker CLI. These commands (pruning, logging, health checks) are standard for container management and align with the skill's primary purpose.
- DATA_EXPOSURE (SAFE): Examples provided in the documentation use placeholder credentials such as 'secret' and 'postgres'. No real sensitive keys or secrets are hardcoded in the skill.
- INDIRECT_PROMPT_INJECTION (LOW): The skill utilizes commands to retrieve container logs (e.g., docker logs in SKILL.md and scripts/health-check.sh). This presents a surface where untrusted data from a container's output could enter the agent's context.
  - Ingestion points: Container logs via docker logs and docker-compose logs in SKILL.md and scripts/health-check.sh.
  - Boundary markers: Absent.
  - Capability inventory: Full access to Docker CLI commands and shell script execution.
  - Sanitization: Absent; the skill directly outputs log content to the terminal.
Audit Metadata