portainer
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The script communicates with the Portainer API using the user-provided PORTAINER_URL. This is the intended behavior and no sensitive data is exfiltrated to unauthorized third parties.
- [Indirect Prompt Injection] (LOW): The skill processes data from an external API (container names, logs) which presents an attack surface for indirect prompt injection. Ingestion points: portainer.sh retrieves container lists and logs via curl from the Portainer REST API. Boundary markers: None present. Capability inventory: The script can perform lifecycle actions like stopping or restarting containers and redeploying stacks via API calls. Sanitization: The skill uses the strings utility to sanitize log output and jq to safely encode JSON payloads, reducing the risk of accidental instruction obedience.
- [Command Execution] (SAFE): The script executes shell commands to perform tasks, but all commands are restricted to standard utilities (curl, jq, strings, column) and follow the user's explicit instructions.
Audit Metadata