docker-specialist

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
Tags: PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill is designed to process and analyze external, untrusted Docker and Compose configurations to provide corrections or optimizations.
    * Ingestion points: User-provided Dockerfiles and docker-compose.yml files ingested during the review and creation workflows.
    * Boundary markers: There are no boundary markers or instructions to the agent to disregard embedded instructions within the user-provided data.
    * Capability inventory: The agent generates refined Docker configurations and shell-based Docker commands which are intended to be executed by the user, potentially with high host privileges.
    * Sanitization: No logic is present to sanitize user-provided configuration comments or metadata that might contain hidden instructions.
  • [Credentials Exposure] (LOW): Example connection strings in references/patterns.md contain hardcoded placeholder credentials (e.g., 'postgres://user:pass@db:5432/app'). While these are clearly demonstrators, they provide a surface for accidental credential leakage if users copy-paste them into their own environments.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 02:39 AM