docker
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard Docker templates and configuration files that follow industry best practices for containerization.- [DATA_EXFILTRATION]: Configuration patterns correctly use environment variables for sensitive data and include a comprehensive
.dockerignorefile to prevent accidental inclusion of local secrets, environment files, or build artifacts in the container context.- [SAFE]: Dockerfile templates implement the principle of least privilege by creating and switching to non-root users (appuser) for runtime stages, reducing the potential impact of container breakout vulnerabilities.- [EXTERNAL_DOWNLOADS]: Base images are sourced from official and well-known registries (Docker Hub), and the templates use specific version tags rather than the unversioned 'latest' tag.
Audit Metadata