skillshare-devcontainer
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to facilitate command execution within a Docker devcontainer. It provides specific instructions for running project-specific CLI tools, build tools, and test suites inside a Linux environment using
docker exec. - [COMMAND_EXECUTION]: The skill uses
eval "$(credential-helper --eval off)"to toggle authentication during testing, which involves local shell command execution to modify the environment. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) due to its design as a command runner:
- Ingestion points: The skill ingests user-supplied content via the
argument-hintdefined inSKILL.md(e.g., "command-to-run"). - Boundary markers: There are no explicit boundary markers or instructions to delimit or ignore instructions within the user-provided command strings.
- Capability inventory: The skill utilizes
docker execandbash -cthroughoutSKILL.md, providing broad access to the container's environment and the bind-mounted workspace. - Sanitization: The skill does not describe any sanitization, validation, or escaping of the user-provided input before it is passed to the shell.
Audit Metadata