container-scan-hadolint
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill executes the hadolint CLI tool for linting Dockerfiles. This is the primary and intended purpose of the skill.
- [Indirect Prompt Injection] (SAFE): The skill processes external data (Dockerfiles) through hadolint. While this represents an ingestion point for untrusted data, the use of a structured linter and the specific context of security auditing minimizes the risk of indirect injection. Ingestion points: Dockerfile content (via linter output). Boundary markers: N/A. Capability inventory: Subprocess execution of hadolint. Sanitization: Relies on the hadolint parser.
- [External Downloads] (SAFE): Mentions installing hadolint via Homebrew in the prerequisites, which is a trusted package manager. No automated or hidden downloads are performed by the skill itself.
Audit Metadata