dockerfile-skill

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a series of shell commands to analyze the project environment and validate the generated Docker images. This includes docker buildx build for image creation and docker-compose commands for runtime verification. These executions are part of a closed-loop validation process to ensure the resulting container is functional.
  • [EXTERNAL_DOWNLOADS]: The generated templates and migration modules include instructions to download software from well-known and official sources, such as the Rust toolchain (sh.rustup.rs) and the Bun runtime (bun.sh). These downloads are standard for the containerization of modern applications and are considered safe under recognized provider scopes.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) because it ingests untrusted content from local project files (e.g., package.json, go.mod, and source code) to inform its generation logic. A maliciously crafted project file could attempt to influence the agent's multi-step workflow.
      • Ingestion points: project manifest files and source code searched via grep patterns in the analysis module.
      • Boundary markers: absent; the skill does not explicitly delimit untrusted project content from its internal instructions.
      • Capability inventory: file system access (read/write), docker build commands, docker-compose service management, and database command execution (psql).
      • Sanitization: no explicit sanitization or escaping of extracted project metadata is documented before it is used to construct shell commands or Dockerfiles.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 04:44 PM