docker-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): Documentation and templates use standard Docker and Docker Compose commands for container management. These are appropriate for the skill's stated purpose.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected. The skill ingests untrusted user application files via COPY . . (README.md, SKILL.md) and executes build scripts (npm run build) without sanitization or explicit boundary markers. Evidence Chain:
  1. Ingestion point: COPY . . in Dockerfile templates.
  2. Boundary markers: Absent.
  3. Capability inventory: RUN npm ci and RUN npm run build provide shell execution during build.
  4. Sanitization: Absent.
- [REMOTE_CODE_EXECUTION] (LOW): Templates include package installation commands (npm ci) which fetch dependencies from external registries. Per [TRUST-SCOPE-RULE], these are considered low risk when targeting known registries like npm.
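The evidence chain above turned into a check a reviewer can run, as an added example that is not code from the Gen Agent Trust Hub report or from the docker-workflow skill. The script normalises a Dockerfile, flags the ingestion point (COPY/ADD of the whole build context), the missing boundary (no .dockerignore beside the Dockerfile) and the shell-execution capabilities (npm ci or npm install without --ignore-scripts, npm run build), then runs over two constructed templates: the pattern the report describes, and a narrowed version that copies the package manifests first, installs with --ignore-scripts, copies only named source directories and ships a .dockerignore. The sample Dockerfiles, the .dockerignore contents and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not code from the Gen Agent Trust Hub report or from the
# docker-workflow skill. It turns the report's evidence chain into a static
# check over a Dockerfile and its build context:
#   ingestion point : COPY/ADD with "." as source pulls the whole context in
#   boundary        : a .dockerignore next to the Dockerfile narrows the context
#   capability      : RUN npm ci|install without --ignore-scripts runs lifecycle
#                     scripts from the copied package.json; RUN npm run build
#                     runs whatever the copied "build" script says
# Checks are line-based: "npm ci --ignore-scripts && npm run build" on one line
# is treated as one command, which is good enough for template review.

# Normalise a Dockerfile: drop comment lines, join backslash continuations.
dockerfile_lines() {
    awk '
        /^[[:space:]]*#/ { next }
        /\\[[:space:]]*$/ { sub(/\\[[:space:]]*$/, ""); buf = buf $0; next }
        { print buf $0; buf = "" }
        END { if (buf != "") print buf }
    ' "$1"
}

# Print one FINDING line per issue; always exits 0 so it is safe under set -e.
audit_dockerfile() {
    df="$1"
    ctx=$(dirname "$df")
    lines=$(dockerfile_lines "$df")

    if printf '%s\n' "$lines" | grep -Eiq '^[[:space:]]*(COPY|ADD)([[:space:]]+--[^[:space:]]+)*[[:space:]]+\.[/]?[[:space:]]'; then
        echo "FINDING ingestion: COPY/ADD of the whole build context ($df)"
    fi
    [ -f "$ctx/.dockerignore" ] ||
        echo "FINDING boundary: no .dockerignore beside $df, context is unrestricted"

    printf '%s\n' "$lines" | grep -Ei '^[[:space:]]*RUN[[:space:]]' | while IFS= read -r run; do
        if printf '%s' "$run" | grep -Eq 'npm[[:space:]]+(ci|install|i)([[:space:]]|$)' &&
           ! printf '%s' "$run" | grep -q -- '--ignore-scripts'; then
            echo "FINDING capability: lifecycle scripts run during install: $run"
        fi
        if printf '%s' "$run" | grep -Eq 'npm[[:space:]]+run[[:space:]]+build([[:space:]]|$)'; then
            echo "FINDING capability: build script from copied package.json executes: $run"
        fi
    done
    return 0
}

# Number of FINDING lines for one Dockerfile (0 when clean).
finding_count() {
    audit_dockerfile "$1" | awk 'END { print NR + 0 }'
}

# Constructed sample templates (assumptions, not the skill's own), written to a
# temp dir. Prints the directory; weak/Dockerfile and hardened/Dockerfile sit under it.
make_samples() {
    dir=$(mktemp -d)
    mkdir -p "$dir/weak" "$dir/hardened"

    cat > "$dir/weak/Dockerfile" <<'EOF'
FROM node:20-alpine
WORKDIR /app
# the whole repo, including whatever a contributor dropped in
COPY . .
RUN npm ci
RUN npm run build
CMD ["node", "dist/server.js"]
EOF

    cat > "$dir/hardened/Dockerfile" <<'EOF'
FROM node:20-alpine AS build
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci --ignore-scripts
COPY src ./src
COPY tsconfig.json ./
RUN npm run build

FROM node:20-alpine
WORKDIR /app
COPY --from=build /app/dist ./dist
COPY --from=build /app/node_modules ./node_modules
USER node
CMD ["node", "dist/server.js"]
EOF
    # Boundary: keep docs (README.md, SKILL.md), VCS data and secrets out of the context.
    printf '%s\n' '.git' 'node_modules' '*.md' '.env*' > "$dir/hardened/.dockerignore"
    echo "$dir"
}

# Stand-alone run: audit both samples and report the count for each.
samples=$(make_samples)
for f in "$samples/weak/Dockerfile" "$samples/hardened/Dockerfile"; do
    echo "== $f"
    audit_dockerfile "$f"
    echo "findings: $(finding_count "$f")"
done
rm -rf "$samples"
```

The weak template produces four findings; the narrowed one still produces one, because npm run build necessarily executes the "build" script of whatever package.json was copied in. That residual finding is the point of the report's capability inventory: hardening shrinks what enters the context (manifests and named directories only, no docs, no .git) and stops dependency lifecycle scripts with --ignore-scripts, but the build step itself remains a place where repository content runs, so what is allowed to reach it is the control that matters.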
Audit Metadata