local-environment
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Data Exposure & Exfiltration (LOW): Hardcoded default credentials for local services (PostgreSQL, MinIO, and Grafana) are provided in the documentation for development purposes. Evidence found in
rules/service-architecture.mdincludes credentials likepolar/polarandpolar/polarpolar. - Indirect Prompt Injection (LOW): The skill exhibits a surface for indirect prompt injection by reading untrusted container logs. * Ingestion points:
dev docker logs(referenced inSKILL.md,rules/view-logs.md). * Boundary markers: None identified in command instructions. * Capability inventory: Arbitrary shell execution (dev docker shell), service lifecycle management, and environment destruction (dev docker cleanup). * Sanitization: No sanitization or validation of log content is specified before processing. - Dynamic Execution (LOW): The skill explicitly allows for the execution of arbitrary commands within containerized environments. Evidence in
SKILL.mdandrules/troubleshooting.mdincludes thedev docker shell {service}command.
Audit Metadata