docker-doctor

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local bash script (scripts/verify-docker.sh) to perform audits. It also optionally invokes docker compose and hadolint to validate configurations.
  • [SAFE]: The skill processes untrusted repository files (Dockerfiles, Compose manifests). It includes a specific safeguard in SKILL.md (Step 5) instructing the agent not to alter its scoring or behavior based on instruction-like text found in the audited files. This mitigates Indirect Prompt Injection risks.
      • Ingestion points: Contents of Dockerfiles and Compose files.
      • Boundary markers: Explicit instruction in SKILL.md Step 5 to ignore instruction-like text.
      • Capability inventory: Execution of local scripts and Docker CLI tools via shell.
      • Sanitization: The audit script emits structured data (FINDING|...) for agent processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 5, 2026, 03:18 PM