docker-build

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE)
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): Hardcoded plaintext credentials detected in environment variables.
      • The POSTGRES_PASSWORD is set to a weak default value ('postgres').
      • The DATABASE_URL string contains the hardcoded 'postgres:postgres' credential pair.
  • [NETWORK_SECURITY] (MEDIUM): Exposure of internal services.
      • Database (5432) and Redis (6379) ports are published on all host interfaces (0.0.0.0). In production, these should be restricted to the internal network.
  • [EXTERNAL_DOWNLOADS] (SAFE): Use of trusted official images.
      • The configuration pulls postgres:16-alpine and redis:7-alpine from Docker Hub, which are considered trusted sources.
  • [COMMAND_EXECUTION] (SAFE): Standard healthcheck implementations.
      • The use of pg_isready, redis-cli, and urllib.request within healthchecks follows established best practices for container orchestration.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:41 PM