docker
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL
Categories: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (CRITICAL): The skill promotes the use of 'Docker Hardened Images' (DHI) from an unverified registry at dhi.io in multiple files (templates/python/Dockerfile, templates/node/Dockerfile, references/docker-hardened-images.md).
  - Evidence: Documentation claims DHI is a Docker product and points to https://docs.docker.com/dhi/, which is a 404/invalid link.
  - Risk: Pulling base images from an untrusted third-party domain allows the image provider to execute arbitrary code within the containerized environment.
- [CREDENTIALS_UNSAFE] (HIGH): The reference documentation (references/docker-hardened-images.md) explicitly instructs users to run docker login dhi.io using their standard Docker ID credentials.
  - Risk: This is a phishing vector designed to harvest registry credentials by tricking users into authenticating against an attacker-controlled domain.
- [REMOTE_CODE_EXECUTION] (CRITICAL): While the main Dockerfile templates use official slim images, the accompanying documentation (references/docker-hardened-images.md) provides 'production' snippets that use FROM dhi.io/python:3.13.
  - Risk: Users following the skill's 'security' advice would unknowingly introduce malicious payloads into their production infrastructure through these unverified base images.
- [CREDENTIALS_UNSAFE] (LOW): Hardcoded default credentials are used in the local development templates.
  - Evidence: templates/python/compose.yaml and templates/node/compose.yaml contain POSTGRES_PASSWORD: postgres and BETTER_AUTH_SECRET=dev-secret-change-in-production.
  - Risk: Although intended for development, these defaults are insecure if accidentally committed to production or shared environments.
Recommendations
- AI detected serious security threats