optimize-docker-build-cache
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to the processing of user-provided Dockerfiles in conjunction with command execution capabilities.\n
- Ingestion points:
Existing Dockerfile to optimize(defined in SKILL.md).\n - Boundary markers: Absent; the skill does not specify any delimiters or warnings to ignore instructions embedded within the provided Dockerfile.\n
- Capability inventory: The agent is granted
Bash,Read,Write, andEditpermissions, enabling it to execute commands likedocker buildand modify files.\n - Sanitization: There is no evidence of content validation or sanitization of the input Dockerfile prior to its use in the optimization procedure.\n- [SAFE]: No obfuscation, hardcoded credentials, or malicious persistence mechanisms were detected in the skill's content or metadata.\n- [SAFE]: External references to the
rocker/r-verDocker image target a well-known and trusted community resource.
Audit Metadata