endor-container

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the endorctl command-line utility via npx to perform image scanning as part of its core functionality.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to fetch and run the endorctl package from the npm registry at runtime. This package is an official resource provided by the author, Endor Labs.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from Dockerfiles and Docker Compose files, which introduces an indirect prompt injection surface.
      • Ingestion points: Reads configuration content from files matching patterns like Dockerfile and docker-compose.yml within the user's workspace.
      • Boundary markers: No specific delimiters or instructions are provided to the agent to treat the file content as untrusted or to ignore embedded instructions.
      • Capability inventory: The skill can execute shell commands and generate code remediation examples based on the analyzed data.
      • Sanitization: There is no evidence of sanitization or escaping applied to the file contents before they are processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 21, 2026, 04:26 AM