docker-expert
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs various Docker and shell operations, including docker build, docker run, docker exec, and find. These commands are used to analyze project structures, build images, and validate container runtime behavior, which are essential functions for a Docker expert tool.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and processes local project files to inform its actions.
  - Ingestion points: The skill searches for and reads local Dockerfile and docker-compose.yml files using find and grep.
  - Boundary markers: There are no explicit delimiters or instructions to ignore instructions embedded within the ingested configuration files.
  - Capability inventory: The skill has the capability to build and run containers based on the ingested files, which could execute logic defined within those files.
  - Sanitization: No sanitization or content validation is performed on the files before they are used in Docker commands.
- [SAFE]: The skill references base images and registries from trusted and well-known providers, such as PostgreSQL on Docker Hub and Distroless images from Google Container Registry (gcr.io).
Audit Metadata