ln-783-container-launcher
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of shell commands for building images, launching services, and monitoring logs using Docker and Docker Compose. These commands are essential for its primary purpose of container management.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists because the skill processes external configuration data which could be manipulated to influence the agent.
- Ingestion points: The agent parses docker-compose.yml files to extract service metadata and configuration (SKILL.md, Step 2).
- Boundary markers: The instructions lack specific boundary markers or warnings to the agent to treat data from the compose file as untrusted content.
- Capability inventory: The skill possesses significant capabilities including arbitrary shell command execution via Docker, network probing via HTTP requests, and log streaming (SKILL.md and monitor_integration_pattern.md).
- Sanitization: No validation or sanitization of the values parsed from the configuration file is performed before they are interpolated into shell commands.
Audit Metadata