docker
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Privilege Escalation] (HIGH): The skill instructions in both README.md and SKILL.md include 'sudo dockerd' and 'sudo docker run'. Executing commands with 'sudo' grants the agent administrative access to the host system, posing a risk of privilege escalation.
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest user data via the 'docker' and 'container' triggers, creating a surface for injection.
- Ingestion points: SKILL.md (triggers: docker, container)
- Boundary markers: Absent
- Capability inventory: Subprocess execution of 'sudo dockerd' and 'sudo docker run' (SKILL.md)
- Sanitization: Absent
Audit Metadata