docker-compose-setup
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [SAFE]: The skill implements best practices for container orchestration, including image pinning, health checks, and network isolation.
- [DATA_EXFILTRATION]: Configuration templates use environment variable placeholders (e.g., ${DB_PASSWORD}) for sensitive information, preventing credential exposure.
- [PROMPT_INJECTION]: The skill processes untrusted user descriptions to generate configuration files, creating a surface for indirect prompt injection.
  - Ingestion points: User instructions for stack requirements in SKILL.md.
  - Boundary markers: None present in the example prompts.
  - Capability inventory: Generates configuration file content (file-write) and includes internal network health checks (network operations).
  - Sanitization: No explicit validation or escaping of user input is described.
Audit Metadata