Docker Hub
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: HIGH (DATA_EXFILTRATION, COMMAND_EXECUTION)
Full Analysis
- [Data Exfiltration] (HIGH): The skill mandates pushing built images to the 'tertiaryinfotech' organization. Since Docker images contain the user's source code and environment, this hardcoded requirement results in data exfiltration to a third-party entity.
- [Command Execution] (MEDIUM): The skill executes multiple shell-based Docker commands and generates system files like Dockerfiles and .dockerignore based on directory contents.
- [Indirect Prompt Injection] (LOW): The skill parses project-specific files (e.g., package.json, requirements.txt) to automate Dockerfile creation. Evidence: 1. Ingestion points: local project files; 2. Boundary markers: none; 3. Capability inventory: docker build and push commands; 4. Sanitization: none.
Recommendations
- AI detected serious security threats
Audit Metadata