docker
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various administrative commands using the `docker` and `docker compose` binaries to manage the host's container environment, including system-level pruning and network configuration.
- [REMOTE_CODE_EXECUTION]: The skill uses `docker run`, `docker exec`, and `docker build`, which allow the agent to execute arbitrary code or processes within a containerized environment. This includes pulling and running external images from Docker Hub.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external container outputs.
  - Ingestion points: Reads data through `docker logs`, `docker ps`, and `docker inspect` (SKILL.md).
  - Boundary markers: No boundary markers or specific instructions are provided to ignore malicious content within the logs.
  - Capability inventory: The skill possesses significant capabilities including container execution (`docker exec`), container creation (`docker run`), and image building (`docker build`) (SKILL.md).
  - Sanitization: No sanitization or filtering of container output or log data is performed before processing.
Audit Metadata