docker
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to improve the security posture of containerized applications through rigorous hardening templates and production checklists.\n- [COMMAND_EXECUTION]: The skill utilizes standard container industry tools including
docker,podman,cosign,syft,grype, andtrivyfor legitimate infrastructure management, validation, and security auditing tasks.\n- [EXTERNAL_DOWNLOADS]: Installation instructions for supporting tools use official system package repositories (apt, dnf, pacman), which are considered trusted sources.\n- [CREDENTIALS_UNSAFE]: Secret management examples correctly implement Docker Secrets and environment-file patterns. Example credentials provided for development overrides use standard placeholder values and follow acceptable vendor patterns.
Audit Metadata