acc-create-docker-healthcheck
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill possesses a vulnerability surface for indirect prompt injection through its code generation capabilities.
- Ingestion points: The skill ingests untrusted data from the user/agent context, including service lists, stack details, and health check URLs in the 'Usage' section.
- Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within the user-provided data.
- Capability inventory: The skill generates executable shell scripts (
.sh) and Docker instructions (HEALTHCHECK CMD,RUN chmod +x) that are intended for execution within a container environment. - Sanitization: The skill does not define sanitization or validation logic for the user-provided URLs or service names before interpolating them into generated scripts.
- Command Execution (LOW): The generated scripts utilize commands like
curl,cgi-fcgi, andpgrep. While appropriate for health checks, these represent the capability set available to a potential injector.
Audit Metadata