create-dockerfile-production
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides high-quality templates for generating production-ready Dockerfiles that follow established security best practices. Notable security features include the use of minimal Alpine-based images, multi-stage builds to strip build-time dependencies, and the configuration of a non-root user for application execution.
- [SAFE]: The skill uses official package managers (APK, Composer, and PECL) to install standard, version-pinned extensions and dependencies. All external references target official registries and well-known services.
- [SAFE]: While the skill involves processing project metadata (e.g., composer.json), which is a common surface for indirect prompt injection, it does so to automate legitimate build configurations. No patterns of malicious instruction override or data exfiltration were detected.