docker-local-dev
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from local project files, creating a surface for indirect prompt injection.
- Ingestion points: The
scripts/detect-stack.shscript reads data fromcomposer.json,package.json,.env, and other configuration files. - Boundary markers: The skill mitigates risks by presenting detection results for confirmation and showing previews before creating or modifying files.
- Capability inventory: The skill can execute local scripts, write Docker configuration files, and run commands within containers using
docker compose exec. - Sanitization: The skill relies on simple extraction via
grepand requires manual confirmation from the user to validate all detected parameters. - [EXTERNAL_DOWNLOADS]: The skill downloads utility tools from trusted external sources.
- Fetches
wp-cli.pharfrom the official GitHub repository for WordPress (raw.githubusercontent.com) as part of the WordPress setup workflow. - Fetches the Drush launcher (
drush.phar) from its official GitHub repository for Drupal environment configuration. - [COMMAND_EXECUTION]: The skill generates and runs configuration logic as a core part of its functionality.
- Dynamically constructs
Dockerfileanddocker-compose.ymlfiles at runtime based on embedded templates and user-specific input. - Executes verification and health check scripts (
scripts/health-check.sh,scripts/db-test.sh) to ensure generated services are running as expected.
Audit Metadata