docker-impl-go-templates

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE · PROMPT_INJECTION · DATA_EXFILTRATION · COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill documents methods to extract container-provided metadata such as names, labels, and environment variables, as well as health check logs. Since these values are external and potentially attacker-controlled, their use in agent decision-making or automated commands constitutes an indirect prompt injection risk.
      • Ingestion points: Environment variables and labels in SKILL.md; health check logs in references/examples.md.
      • Boundary markers: Not present in the provided templates to isolate external data from instructions.
      • Capability inventory: Examples in SKILL.md and references/examples.md demonstrate using extracted names to execute docker stop and docker rm.
      • Sanitization: Minimal sanitization is shown in scripting examples (e.g., removing leading slashes via sed), but it is not comprehensive across all patterns.
  • [DATA_EXFILTRATION]: The skill provides specific patterns for accessing sensitive container data, such as environment variables (.Config.Env) which often house credentials, and the host path for container logs (.LogPath).
  • [COMMAND_EXECUTION]: The skill provides numerous shell command patterns and automation scripts that integrate Docker CLI output with administrative functions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 9, 2026, 11:47 AM