development-environment
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS)
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): Remote script from an untrusted source piped directly to shell.
  - Evidence: Automated scanning detected the command `curl -sS https://starship.rs/install.sh | sh`. This is an extremely dangerous pattern that executes unverified code from the internet, bypassing security reviews and integrity checks.
- COMMAND_EXECUTION (HIGH): Excessive privileges granted through 'Docker-in-Docker' (dind).
  - Evidence: In `templates/devcontainer.json`, the feature `ghcr.io/devcontainers/features/docker-in-docker:2` is enabled. Providing the container with access to the host's Docker daemon is a major security risk that can be exploited for container escape and host-level compromise.
- DATA_EXFILTRATION (MEDIUM): Automatic exposure of sensitive environment credential files.
  - Evidence: The configuration in `templates/devcontainer.json` includes a bind mount for the host's `.env` file (`source=${localWorkspaceFolder}/.env,target=${containerWorkspaceFolder}/.env`). This automatically transfers host-side secrets, API keys, and environment variables into the container, increasing the risk of credential theft.
- REMOTE_CODE_EXECUTION (LOW): Automatic execution of untrusted package installation during startup.
  - Evidence: The `postCreateCommand` in `templates/devcontainer.json` executes `npm ci` upon environment creation. This automatically installs and runs code from third-party registries based on local configuration, posing a supply-chain risk if dependencies are compromised.
Recommendations
- HIGH: Downloads and executes remote code from: https://starship.rs/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata