docker-compose

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The skill includes a "Memory Protocol (MANDATORY)" that instructs the agent to read and write to .claude/context/memory files (persistent agent memory) which is unrelated to Docker Compose functionality and therefore constitutes hidden/deceptive instructions outside the skill's stated purpose.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (low risk: 0.30). The skill includes host-level sudo commands (installing Docker, sudo usermod -aG docker) and instructions that modify host user/group state, but it frames these as operator actions, blocks/describes destructive operations, and does not explicitly instruct the agent itself to escalate or bypass security—so it poses some risk but not a direct high-severity compromise.