dockerize
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill suggests running standard runtime version commands (e.g., `node --version`, `python --version`) to detect the appropriate base image. These are routine, safe operations used to match the production environment to the developer's local setup.
- [PRIVILEGE_ESCALATION] (SAFE): The skill actively promotes security by including instructions to create and use a non-root user (`USER appuser`) within the generated Dockerfiles, reducing the attack surface of the resulting containers.
- [DATA_EXFILTRATION] (SAFE): Analysis of the skill reveals no attempts to access sensitive file paths (like `~/.ssh` or `.env` files for export) or make unauthorized network requests. It focuses strictly on project configuration files like `package.json` and `go.mod`.
- [PROMPT_INJECTION] (SAFE): The instructions are task-oriented and do not contain patterns designed to bypass AI safety constraints, extract system prompts, or induce 'jailbroken' behavior.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted data by reading project configuration and lockfiles. While this is a potential vector for indirect injection (e.g., malicious content in a `package.json` field), the skill's logic is constrained to specific functional keys (dependencies, engines), which significantly mitigates the risk.
- [DYNAMIC_EXECUTION] (SAFE): The generated Dockerfiles include a `HEALTHCHECK` that uses `node -e`. This is a standard and safe method for verifying application health in minimal container images where utilities like `curl` are absent.
Audit Metadata