dockerize-and-deploy

Warn

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute several powerful shell commands on the user's local system.
  • SKILL.md instructs the agent to run bash scripts/preflight.sh, docker build, and docker compose up directly.
  • The scripts/deploy.sh script uses eval "$MIGRATIONS_CMD" to execute database migration commands. If $MIGRATIONS_CMD is populated with untrusted input or manipulated by the agent, this leads to arbitrary command execution.
  • [REMOTE_CODE_EXECUTION]: The deployment workflow involves pulling and executing remote Docker images. While the reference material suggests pinned versions (e.g., node:20.11-alpine), the scripts/deploy.sh script performs a docker compose pull which downloads external code/images for execution.
  • [DATA_EXFILTRATION]: The scripts/preflight.sh script is designed to read sensitive environment variables such as DATABASE_URL and SECRET_KEY from .env.prod. While this is intended for validation, the access to these secrets by a shell script that also has network access via curl and docker presents a potential exfiltration risk if the script were modified.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 1, 2026, 11:25 PM