securing-container-registry-images

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads installation scripts for security tools (Syft, Grype) from Anchore's official GitHub repository.
  • [REMOTE_CODE_EXECUTION]: Implementation instructions include piping remote scripts directly to the shell to facilitate tool setup in the execution environment.
  • [COMMAND_EXECUTION]: The scripts/agent.py file executes external security binaries (Trivy, Syft, Cosign) via the subprocess module to perform scanning and signing operations.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by processing external container image names.
      ◦ Ingestion points: User-provided image references enter the script through the --image argument in scripts/agent.py.
      ◦ Boundary markers: Image names are interpolated directly into command lists without delimiters or explicit instruction isolation.
      ◦ Capability inventory: The script possesses the capability to execute system commands via subprocess.run (in scripts/agent.py).
      ◦ Sanitization: No validation or escaping is performed on the image name strings before they are passed to the underlying CLI tools.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 9, 2026, 06:48 PM