compose-security-lint
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes external content (Docker Compose YAML files) which represents a potential injection surface.
- Ingestion point:
scripts/lint_compose.pyreads a file from the filesystem provided via command line arguments. - Boundary markers: None present.
- Capability inventory: The script only performs string comparisons and exits. It contains no subprocess calls, file-write operations, or network access.
- Sanitization: No sanitization is performed, but since the output is limited to reporting missing keys, the risk of influencing the agent's logic maliciously is negligible.
- [Data Exposure & Exfiltration] (SAFE): While the script reads a file provided by the user, it has no network capabilities or logic to transmit data externally. Operations are entirely local.
- [Remote Code Execution] (SAFE): The skill does not download external packages or execute remote code. It relies solely on the Python standard library and a local script.
Audit Metadata