docker-compose
Fail
Audited by Snyk on Mar 6, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (high risk: 0.80). The skill includes a "Memory Protocol (MANDATORY)" that instructs the agent to read/write persistent .claude/context/memory/* files and assume interruption — an explicit, out-of-scope instruction that alters agent behavior and could be used to persist or exfiltrate information, so it constitutes a hidden/deceptive instruction relative to the skill's advertised Docker Compose purpose.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly includes host-level commands that require sudo (e.g., "sudo apt-get install docker-ce" and "sudo usermod -aG docker $USER") and guidance that modifies system permissions, which can change the machine state and thus poses a risk.
Audit Metadata