acc-check-docker-secrets

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The skill documentation includes example credentials such as a GitHub token (ghp_...) and a Stripe secret key (sk_live_...). While illustrative, these match hardcoded secret patterns that are flagged as high risk.
  • [DATA_EXFILTRATION] (HIGH): The skill directs the agent to access highly sensitive local file paths including .env and .env.*. Following the assume-malicious posture, any instruction to access these files is categorized as a data exposure risk.
  • [COMMAND_EXECUTION] (LOW): The skill provides structured grep commands for the agent to execute on the host filesystem. While restricted to searching, this constitutes direct shell command instruction.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it ingests untrusted content from Dockerfiles and entrypoint scripts. Evidence chain:
    1. Ingestion points: Dockerfile, docker-compose.yml, .env, entrypoint.sh.
    2. Boundary markers: none.
    3. Capability inventory: grep (filesystem read).
    4. Sanitization: none; relies on regex matching for pattern detection.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 08:56 AM