testing-e2e-containers

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute build commands on the host system using goreleaser and container management commands via docker, docker-compose, and task.
  • [COMMAND_EXECUTION]: Executes the installer binary with elevated privileges (sudo) inside guest Docker containers to verify system-level installation tasks.
  • [DATA_EXPOSURE]: Contains a hardcoded absolute file path (/Users/timorgruber/.local/share/chezmoi/...) pointing to another skill, which discloses the author's local username and file system structure.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes output from installer runs inside containers.
      • Ingestion points: Standard output and error from docker exec commands are returned to the agent context.
      • Boundary markers: No explicit boundary markers or instructions to ignore embedded content in command output are provided.
      • Capability inventory: The skill allows shell command execution on the host (task, docker, goreleaser) and within containers (sudo).
      • Sanitization: There is no evidence of sanitization or validation of the installer's output before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 06:37 PM