Skills
skills/borghei/claude-skills/docker-development/Gen Agent Trust Hub

docker-development

Warn

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFE
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill distributes example configuration files containing hardcoded credentials.
  • File examples/Dockerfile.sample contains a hardcoded DATABASE_URL with a password and an API_KEY matching the sk- secret key pattern.
  • File examples/docker-compose.sample.yml includes multiple hardcoded environment variables for secrets, such as DB_PASSWORD, JWT_SECRET, POSTGRES_PASSWORD, and RABBITMQ_DEFAULT_PASS.
  • [COMMAND_EXECUTION]: The compose_validator.py and dockerfile_analyzer.py scripts allow specifying arbitrary file paths via the --file argument for analysis. While intended for local file scanning, this provides a mechanism for the agent to read and process local configuration files.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 3, 2026, 11:12 AM