dockerfile
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Security-Focused Templates (SAFE): The skill provides well-structured templates for Node.js, Python, Go, and Java that follow the principle of least privilege by creating and switching to non-root users (`USER appuser`).
- Data Protection (SAFE): Includes a detailed `.dockerignore` example that specifically instructs the exclusion of sensitive files such as `.env`, `.git`, and private keys from the container build process, preventing accidental data exposure.
- Vulnerability Management (SAFE): Explicitly guides the user on how to use security scanning tools like `trivy`, `snyk`, and `dockle` to audit images for vulnerabilities and configuration issues.
- Secure Instruction Usage (SAFE): Correctly identifies the difference between `COPY` and `ADD`, recommending `COPY` for standard file transfers to minimize the risks associated with the automatic decompression and remote URL fetching capabilities of `ADD`.
Audit Metadata