discover-containers
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill instructs the agent to read external local files, creating a surface where instructions embedded in those files could influence agent behavior.
  - Ingestion points: Multiple files under `<cc-polymath-root>/skills/containers/`, specifically `INDEX.md` and individual skill files (e.g., `container-security.md`).
  - Boundary markers: Absent; the skill does not provide delimiters to isolate the ingested content.
  - Capability inventory: The skill utilizes local file reading to load additional instructions and workflow details.
  - Sanitization: Absent; the content from the files is directly incorporated into the agent's context.
- [Data Exfiltration] (SAFE): No access to sensitive files or network exfiltration attempts were found.
- [Remote Code Execution] (SAFE): No download or execution of remote scripts or unverified packages was detected.