configure-container
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses templates that reference official resources from trusted organizations including GitHub, Docker, and Microsoft. It fetches GitHub Actions from official repositories and base images from verified registries.
- [COMMAND_EXECUTION]: The skill utilizes standard system tools such as find and grep to detect project configuration files and uses the agent's file modification capabilities to apply security improvements.
- [SAFE]: The skill implements significant security hardening measures, including mandatory non-root user configurations, multi-stage build requirements, and automated vulnerability scanning with tools like Trivy, which are pinned by commit SHA for enhanced security.
Audit Metadata