docker-mcp
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
NO_CODE, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- [NO_CODE]: The skill is composed exclusively of documentation in SKILL.md. It contains no scripts, binaries, or executable logic.
- [SAFE]: The content is a guide for the official Docker MCP Toolkit. It promotes secure practices like session-scoping for tools and secure secret handling via the Docker gateway.
- [EXTERNAL_DOWNLOADS]: Describes the use of the mcp-add command to retrieve official, signed servers from the Docker MCP Catalog, which is a trusted and well-known repository.
- [REMOTE_CODE_EXECUTION]: References the experimental 'code-mode' feature of the Docker MCP Toolkit for dynamic JavaScript tool creation within an isolated sandbox. This is a documented feature of the trusted external platform.
- [COMMAND_EXECUTION]: Provides instructions for using the mcp-exec tool to execute operations within the containerized MCP servers added to a session.
Audit Metadata