depot-container-builds
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were identified. The skill provides clear documentation for its intended use and employs industry-standard practices for handling sensitive information through placeholders and secure CLI flags.
- [COMMAND_EXECUTION]: The skill facilitates the execution of the depot CLI tool. This includes commands for building container images (depot build), orchestrating multi-image builds (depot bake), and managing organization settings (depot org). These commands are standard operations for the Depot platform and are used to interact with the vendor's remote build infrastructure.
- [DATA_EXFILTRATION]: The skill documents the management of sensitive build data, including API tokens (--token), build secrets (--secret), and SSH agent forwarding (--ssh). These features are used to authenticate with Depot's services (e.g., registry.depot.dev) and securely provide build-time secrets, which is consistent with the primary purpose of a container build tool.