containerize-apps
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): A malicious URL (url.in) was flagged by automated security scanners in the analysis context. While not explicitly used as a target in the code, its association triggered a high-severity alert.
- [CREDENTIALS_UNSAFE] (HIGH): Hardcoded database credentials (postgres/postgres) are present in the Docker startup script template in references/startup-script-pattern.md. These should be replaced with environment variables in non-development settings.
- [COMMAND_EXECUTION] (MEDIUM): The docker-start.sh script in references/startup-script-pattern.md executes system commands like docker compose and pnpm based on input flags, which involves dynamic command construction.
- [SAFE] (INFO): Permissive Host header validation (0.0.0.0:*) is suggested in references/mcp-server-containerization.md to support Docker networking. This could lead to Host Header injection or DNS rebinding vulnerabilities if the service is exposed to the internet without additional protection.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE