sandbox-guard
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to enhance host security by creating sandboxed environments for other tools. It follows the principle of least privilege by defaulting to restrictive profiles and excluding dangerous flags such as --privileged or bind mounts of sensitive host directories.
- [EXTERNAL_DOWNLOADS]: The generated Dockerfiles reference the official node:20-alpine base image from Docker Hub, which is a well-known and trusted registry.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes external skill metadata (names and permissions) when generating configurations. The risk is reduced by rules requiring user review and by restricting file writes to a dedicated subdirectory.
  - Ingestion points: User-provided input for skill names and permissions in SKILL.md.
  - Boundary markers: Absent; no explicit delimiters separate user input from the generation logic.
  - Capability inventory: The skill uses fileWrite permissions to save the generated configurations.
  - Sanitization: No explicit validation or escaping of user-provided strings is described.
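The findings above say what the skill excludes (--privileged, sensitive host mounts) and what it lacks (validation of SKILL.md-derived strings, confinement of the output path). The following is an added example written for this audit page, not sandbox-guard's own code, showing how a generator of this kind can enforce both points before any user-controlled string reaches a Dockerfile or a docker run line. The skill-name pattern, the permission vocabulary ("network", "fileWrite"), the forbidden-flag list, and the output-directory layout are all assumptions made for the example; the only detail taken from the page is the node:20-alpine base image.

```python
"""Added example (not sandbox-guard's own code): validate skill metadata, render a
least-privilege sandbox, and reject flags or mounts that would void it."""
import os
import re
from pathlib import Path

# Assumed policy: a skill name that is interpolated into config files must be a
# short, lowercase identifier, so metadata cannot smuggle newlines or shell syntax.
SKILL_NAME_RE = re.compile(r"^[a-z0-9][a-z0-9-]{0,62}$")
# Assumed permission vocabulary for SKILL.md; anything else is rejected.
ALLOWED_PERMISSIONS = {"network", "fileWrite"}
# Illustrative deny-list of flags that escape or weaken the sandbox.
FORBIDDEN_FLAGS = ("--privileged", "--cap-add", "--net=host", "--network=host",
                   "--pid=host", "--ipc=host", "--userns=host")
HOST_NS_FLAGS = ("--network", "--net", "--pid", "--ipc", "--userns")  # "--pid host" form
SENSITIVE_HOST_PATHS = ("/", "/etc", "/root", "/home", "/proc", "/sys",
                        "/var/run/docker.sock")


def validate_skill_name(name: str) -> str:
    if not SKILL_NAME_RE.fullmatch(name):
        raise ValueError(f"invalid skill name: {name!r}")
    return name


def validate_permissions(perms) -> set:
    unknown = set(perms) - ALLOWED_PERMISSIONS
    if unknown:
        raise ValueError(f"unknown permissions: {sorted(unknown)}")
    return set(perms)


def _mount_sources(args):
    """Yield host-side sources of -v/--volume/--mount in both 'flag value' and 'flag=value' spellings."""
    i = 0
    while i < len(args):
        a, spec = args[i], None
        if a in ("-v", "--volume", "--mount"):
            if i + 1 < len(args):
                spec, i = args[i + 1], i + 1
        elif a.startswith(("-v=", "--volume=", "--mount=")):
            spec = a.split("=", 1)[1]
        if spec is not None:
            if a.startswith("--mount"):  # type=bind,source=/x,target=/y
                for kv in spec.split(","):
                    key, _, val = kv.partition("=")
                    if key in ("source", "src"):
                        yield val
            else:  # /host/path:/container/path[:opts]
                yield spec.split(":", 1)[0]
        i += 1


def check_extra_args(extra_args) -> list:
    """Reject caller-supplied docker run flags that break out of the sandbox."""
    args = list(extra_args)
    for i, a in enumerate(args):
        nxt = args[i + 1] if i + 1 < len(args) else ""
        if a.startswith(FORBIDDEN_FLAGS) or (a in HOST_NS_FLAGS and nxt == "host"):
            raise ValueError(f"forbidden flag: {a} {nxt}".strip())
    for src in _mount_sources(args):
        p = os.path.normpath(src)  # collapses /home/u/../../etc to /etc
        if any(p == s or p.startswith(s + "/") for s in SENSITIVE_HOST_PATHS):
            raise ValueError(f"refusing to mount sensitive host path: {src}")
    return args


def render_dockerfile(name: str) -> str:
    # The audit notes the official node:20-alpine image; in production pin it by
    # digest (node:20-alpine@sha256:...) so a tag move cannot change the build.
    return "\n".join([
        "FROM node:20-alpine",
        "RUN addgroup -S skill && adduser -S -G skill skill",
        f"WORKDIR /app/{name}",
        "USER skill",
        'ENTRYPOINT ["node"]',
        "",
    ])


def sandbox_run_args(name: str, perms, extra_args=()) -> list:
    """Restrictive-by-default docker run line; network only if the skill declared it."""
    args = ["docker", "run", "--rm", f"--name=sandbox-{name}", "--read-only",
            "--cap-drop=ALL", "--security-opt=no-new-privileges", "--pids-limit=256",
            "--memory=512m", "--tmpfs=/tmp:rw,noexec,nosuid,size=64m"]
    args.append("--network=bridge" if "network" in perms else "--network=none")
    args.extend(check_extra_args(extra_args))
    args.append(f"sandbox/{name}:latest")
    return args


def output_path(root: Path, name: str) -> Path:
    """Confine generated files to the dedicated subdirectory, even if the name slipped validation."""
    root = root.resolve()
    target = (root / name / "Dockerfile").resolve()
    if root not in target.parents:
        raise ValueError("output path escapes the configuration directory")
    return target


def generate(name: str, perms, extra_args=()):
    """Validate SKILL.md-derived input first, then render Dockerfile and run command."""
    name = validate_skill_name(name)
    perms = validate_permissions(perms)
    return render_dockerfile(name), sandbox_run_args(name, perms, extra_args)
```

Validation happens before rendering, so a skill name is an identifier by the time it is interpolated, and the mount check normalises paths before comparing them, which is what catches a "/home/me/../../etc" bind. The deny-lists are starting points, not a complete enumeration of ways to weaken a container.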
Audit Metadata