dockerfile-generation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes `docker build` and `docker run` to verify generated Dockerfiles. This is the primary function of the skill and is constrained to local verification only.
- [PROMPT_INJECTION]: The skill ingests codebase files which could contain indirect prompt injections. Evidence Chain:
  1. Ingestion points: package.json, requirements.txt, go.mod.
  2. Boundary markers: none.
  3. Capability inventory: `docker build`, `docker run`.
  4. Sanitization: alphanumeric/regex validation for image names, port numbers, and file paths.
- [SAFE]: The skill follows security-first principles such as multi-stage builds, non-root user configuration, and prohibiting hardcoded credentials or latest tags.
Audit Metadata