docker-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's workflow explicitly pulls and uses public images (e.g., prom/prometheus:latest, grafana/grafana:latest in examples/docker-compose.yml and registry.example.com in SKILL.md) and instructs the use of scripts/docker_helper.sh and docker inspect/history to read image metadata and history, so the agent will fetch and parse untrusted, user-published image content whose textual metadata could influence actions.