hardening-docker-containers-for-production

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The audit scripts scripts/agent.py and scripts/process.py utilize the subprocess module to execute Docker CLI commands such as docker ps and docker inspect. These commands are used to retrieve JSON-formatted metadata about the local container environment for security analysis. The scripts correctly use list-based command arguments to prevent shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The documentation and workflow files reference several well-known third-party security tools, including docker-bench-security, Hadolint, Dockle, and Trivy. These tools are standard in the container security industry and are sourced from reputable repositories on GitHub.
  • [SAFE]: The skill implements hardening measures in its own examples, such as using multi-stage builds, non-root users, and read-only filesystems. No evidence of malicious intent, data exfiltration, or obfuscation was found during the analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 09:38 PM