docker-volumes

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill provides numerous templates for docker commands, including volume creation and container execution with host mounts. These are legitimate for the skill's purpose but involve high-privilege operations.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill defines parameters that are interpolated into shell command templates, creating an injection surface.
      1. Ingestion points: volume_name and mount_type in SKILL.md frontmatter.
      2. Boundary markers: None; parameters are directly inserted into bash snippets.
      3. Capability inventory: Execution of docker run, docker volume create, and volume prune operations.
      4. Sanitization: No sanitization or validation logic is present in the markdown templates.
  • [SAFE] (INFO): The validation script scripts/validate.py uses yaml.safe_load(), which is a secure practice for handling configuration data.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 08:39 AM