docker-impl-cicd
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill exclusively uses and recommends official GitHub Actions (e.g., docker/build-push-action, docker/login-action, docker/metadata-action) from trusted organizations.
- [SAFE]: It provides robust security guidance, including mandatory use of GitHub Secrets, warnings against hardcoding credentials, and instructions for OIDC authentication for AWS and GCP to avoid long-lived access keys.
- [SAFE]: The skill incorporates security-focused workflows, such as vulnerability scanning with Docker Scout and PR guards to prevent unauthorized image pushes from forks.
- [SAFE]: No evidence of prompt injection, data exfiltration, obfuscation, or malicious persistence mechanisms was found. All external links point to official Docker and GitHub documentation.
Audit Metadata