portainer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONNO_CODEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The documentation provides numerous examples of how to run a local script named
portainer.shto interact with the Portainer API for managing containers and stacks. - [NO_CODE]: The functional logic for the skill is not included in the provided file; only documentation and metadata were submitted for analysis.
- [PROMPT_INJECTION]: The skill exposes a potential surface for indirect prompt injection by retrieving and displaying container logs. 1. Ingestion points: Container logs retrieved via the
logscommand. 2. Boundary markers: None described in the command examples. 3. Capability inventory: Shell script execution and network communication via curl. 4. Sanitization: No evidence of log content validation or sanitization is provided.
Audit Metadata