check-docker-compose-config

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines several grep patterns to be executed against local configuration files to detect specific settings.
  • [PROMPT_INJECTION]: The skill's design to read and analyze external docker-compose.yml files creates an indirect prompt injection surface.
    • Ingestion points: Reads data from docker-compose*.yml files.
    • Boundary markers: No delimiters or ignore instructions are provided to isolate processed data from the agent's logic.
    • Capability inventory: Analyzes file content via grep but lacks advanced file-write or network capabilities.
    • Sanitization: No content validation or sanitization of the external files is defined.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 09:57 AM