debug-container

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill retrieves and displays environment variables and logs from local containers during inspection and log retrieval steps. Evidence: Step 2 (container_inspect) and Step 3 (container_logs) in SKILL.md. Risk: Environment variables frequently store sensitive information such as API keys and credentials, which are exposed to the agent context.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via data processed from containers. Ingestion points: Container environment variables and logs (SKILL.md, Steps 2 and 3). Boundary markers: Absent; container data is interpolated directly into the workflow without isolation. Capability inventory: Podman MCP tool access (list, inspect, logs, image) and terminal command suggestions. Sanitization: Absent; no filtering is applied to container output.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 04:04 PM