alloydb-omni-container
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill generates and recommends the execution of shell commands (e.g.,
docker run,podman run,mkdir -p) using parameters provided by the user, such as container names and directory paths. This creates a potential surface for command injection if inputs containing shell metacharacters are not sanitized by the platform's execution environment. - [DATA_EXPOSURE]: The workflow for running a new container involves asking the user for a
DATABASE_PASSWORD, which is then passed as an environment variable (POSTGRES_PASSWORD) in the command line. This can expose the secret in system process lists or container inspection logs. - [EXTERNAL_DOWNLOADS]: The skill references and pulls container images from Google's official repositories on Docker Hub (
google/alloydbomni), which is a well-known and trusted source for this software.
Audit Metadata