vulnerability-remediation
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill fetches image tag metadata from the official Docker Hub API and pipes it to a Python script for parsing. This is a neutral operation as it targets a well-known service for its intended functionality.
- [DYNAMIC_EXECUTION]: Employs inline Python scripts within Bash commands to programmatically process JSON data from both MCP tool results and external API responses.
- [INDIRECT_PROMPT_INJECTION]: The skill processes SARIF security reports and compliance data originating from the Chainloop platform.
  1. Ingestion points: Results from the mcp__claude_ai_Chainloop__get_frameworks_compliance and download_evidence_by_digest tools.
  2. Boundary markers: No explicit delimiters are used, but the data is handled as structured JSON, reducing risk.
  3. Capability inventory: The agent possesses permissions for file editing and command execution via Bash.
  4. Sanitization: External data is parsed using specific Python logic to extract version numbers and file paths, ensuring content is treated as data rather than instructions.
Audit Metadata