devcontainer-creator

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill analyzes untrusted workspace files (e.g., dependency lists, Dockerfiles) to determine environment requirements. This presents an indirect prompt injection surface where malicious content in those files could influence the generated configuration. The skill mitigates this by mandating a design plan and explicit user approval before any files are written.
  • [COMMAND_EXECUTION]: The skill is designed to generate shell commands for container lifecycle scripts, such as postCreateCommand and initializeCommand. These are standard components of the Dev Container Specification used for project initialization.
  • [EXTERNAL_DOWNLOADS]: The skill references container images and features from well-known registries, including the Microsoft Container Registry (mcr.microsoft.com), GitHub Container Registry (ghcr.io), and NVIDIA GPU Cloud (nvcr.io).
  • [CREDENTIALS_UNSAFE]: The instructions explicitly forbid hardcoding secrets or API keys in the generated configuration, recommending the use of the declarative secrets property instead.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 26, 2026, 06:05 AM