devops-docker
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes Docker commands on the host system, including building images and starting services. This provides a mechanism for local command execution based on generated configurations.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references official images from Docker Hub (node, postgres, redis), which is a trusted registry. This poses minimal risk for remote code execution via compromised base images.
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it ingests project data to drive logic.
  - Ingestion points: Project file analysis as defined in SKILL.md workflow.
  - Boundary markers: Absent; no delimiters are used to separate untrusted project data from instructions.
  - Capability inventory: Shell execution through `docker compose` and `Justfile`.
  - Sanitization: No validation or sanitization of ingested project file content is performed before use in configurations.
Audit Metadata