706-technologies-containers-docker

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected. The skill focuses on promoting best practices for Docker security, such as non-root execution, least-privilege permissions, and minimizing image layers.
  • [COMMAND_EXECUTION]: The skill uses standard Maven commands (mvn compile, mvn clean verify) for project validation and skill regeneration. These are routine development operations within a Java project context.
  • [PROMPT_INJECTION]: The skill processes user-provided project artifacts (Dockerfiles, Maven descriptors), which presents a potential surface for indirect prompt injection. This is inherent to its role as a code review and optimization tool.
  • Ingestion points: Local project files including Dockerfiles, .dockerignore, and Maven build inputs (identified in SKILL.md Workflow).
  • Boundary markers: None present in the instructions to separate skill logic from analyzed file content.
  • Capability inventory: Subprocess execution via mvn and jlink (identified in SKILL.md and reference examples).
  • Sanitization: No sanitization or escaping of external content is described before interpolation into the agent context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 15, 2026, 04:25 PM
Security Audit — agent-trust-hub — 706-technologies-containers-docker