container-scan-hadolint
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill utilizes shell commands to execute the `hadolint` binary. This is standard functionality for a linter but involves local command execution.
- [PROMPT_INJECTION] (LOW): The skill processes external Dockerfiles which constitutes an indirect prompt injection surface (Category 8).
  1. Ingestion points: Dockerfile(s) specified in instructions step 2.
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of `hadolint` via shell and parsing of JSON output.
  4. Sanitization: None explicitly defined for file contents or filenames. The risk is minimized as the skill primarily outputs a structured report.
Audit Metadata