depot-container-builds
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to override agent behavior, bypass safety guidelines, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, secrets, or sensitive file paths (like SSH keys or AWS configs) were detected. References to API tokens and project IDs use clearly labeled placeholders (e.g., <project-id>, <depot-token>, abc123). Network activity is restricted to legitimate container registry interactions (e.g., registry.depot.dev, public.ecr.aws).
- [Obfuscation] (SAFE): The content is clear and readable. No Base64 encoding, zero-width characters, homoglyphs, or other obfuscation techniques were identified.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not attempt to install external packages or execute remote scripts via curl | bash. It describes the usage of a specialized CLI tool for its intended purpose.
- [Privilege Escalation] (SAFE): No use of sudo, chmod 777, or other privilege escalation commands was found.
- [Indirect Prompt Injection] (SAFE): While the skill involves processing build contexts and Dockerfiles, it does not create a surface for ingesting untrusted external data that would bypass agent safety logic. The capability inventory is limited to standard container build operations.
Audit Metadata