docker-ops
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a high-quality educational resource for containerization. It promotes secure defaults, such as avoiding the 'latest' tag, dropping container capabilities, and implementing read-only filesystems.
- [CREDENTIALS_UNSAFE]: No hardcoded sensitive credentials were found. Examples using environment variables like
POSTGRES_PASSWORD: devpassare explicitly scoped to local development override files and are standard documentation placeholders. - [EXTERNAL_DOWNLOADS]: The skill references well-known and trusted tools/images including Trivy for security scanning,
ghcr.io/astral-sh/uvfor Python dependency management, andnicolaka/netshootfor network debugging. These are industry-standard resources. - [PROMPT_INJECTION]: Instructions are strictly technical and instructional. There are no attempts to bypass safety filters or override system instructions.
- [COMMAND_EXECUTION]: Command examples provided (e.g.,
docker build,docker run,apt-get install) are standard for Docker environment setup and application deployment. No suspicious piped-execution (e.g.,curl | bash) patterns were found.
Audit Metadata