docker-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, CREDENTIALS_UNSAFE, NO_CODE
Full Analysis
- [CREDENTIALS_UNSAFE] (LOW): The `docker-compose.yml` example includes hardcoded placeholder credentials (e.g., `POSTGRES_PASSWORD: pass`). While clearly intended as documentation placeholders, they represent a pattern of hardcoding secrets.
- [SAFE] (SAFE): The skill actively advocates for security best practices, including using non-root users (`USER appuser`), pinning base image versions, and utilizing `.dockerignore` to prevent secret leakage.
- [NO_CODE] (SAFE): The skill contains no scripts or automation for the agent to execute. It consists entirely of markdown documentation and code snippets for human reference.
Audit Metadata