dockerfile-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): No malicious behaviors, obfuscation, or data exfiltration attempts were detected. The content consists entirely of instructional markdown and code snippets for Docker optimization.
- [Indirect Prompt Injection] (INFO): The skill instructs the agent on how to analyze and optimize user-provided Dockerfiles. While processing user input always introduces a theoretical injection surface, this skill provides static knowledge and does not contain automated scripts or tools that execute untrusted content directly, keeping the risk level at INFO.
- [EXTERNAL_DOWNLOADS] (SAFE): The documentation references trusted sources for base images, such as Google Container Registry (gcr.io/distroless), and standard official images from Docker Hub (node, python, golang, alpine). These references are part of legitimate optimization guidance.
Audit Metadata