dockerfile-optimizer
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for static analysis and refactoring of Dockerfile content provided by the user. It does not execute the Dockerfiles it processes.
- [DATA_EXFILTRATION]: No evidence of credential harvesting or external network operations. The instructions specifically advise users to use
.dockerignoreto prevent the accidental inclusion of sensitive files like.gitor secrets. - [PROMPT_INJECTION]: The 'IMPORTANT: Language Detection' instruction is a standard behavioral guide for multilingual support and does not attempt to bypass agent safety filters or override core system instructions.
- [REMOTE_CODE_EXECUTION]: The skill does not contain any instructions to download or execute external scripts. It functions entirely through text generation based on the provided input.
- [COMMAND_EXECUTION]: There are no shell execution patterns or privilege escalation attempts (e.g., sudo, chmod). The skill actually promotes security best practices by recommending the use of non-root users in container images.
Audit Metadata