Skills
skills/pjt222/development-guides/create-r-dockerfile/Gen Agent Trust Hub

create-r-dockerfile

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the project dependency files it processes.\n
  • Ingestion points: renv.lock and DESCRIPTION files are used to determine R package requirements in Step 2 and Step 5.\n
  • Boundary markers: The instructions do not specify boundaries or ignore-directives for content within these files.\n
  • Capability inventory: The skill uses the Bash tool to execute docker build and docker run commands, which process the generated Dockerfile.\n
  • Sanitization: No sanitization or validation of the input files is described.\n- [EXTERNAL_DOWNLOADS]: The skill uses well-known external repositories for dependencies.\n
  • Evidence: Utilizes rocker base images (from the rocker-org community) and installs packages from the Comprehensive R Archive Network (CRAN) at cloud.r-project.org.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 07:13 AM