openclaw-docker-e2e-authoring
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The instructions guide the user through creating deterministic and live Docker test lanes, following standard software engineering and security best practices such as running applications from read-only mounts and using environment variables for configuration.
- [COMMAND_EXECUTION]: The skill provides commands for local verification, including
pnpm exec oxfmt,node --check,bash -n, andpnpm test:docker. These are standard tools for JavaScript/TypeScript development and testing within a local project environment. - [INDIRECT_PROMPT_INJECTION]: The skill involves testing agent behavior against external provider outputs and Docker scenarios. It includes specific mitigation guidance for authoring, such as using neutral prompts and ensuring expected answers are derived specifically from the behavior under test, which helps prevent accidental metadata leaks or external influence during testing.
Audit Metadata