docker-guide
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of static Markdown documentation and configuration templates (Dockerfile, docker-compose.yml). It does not contain any executable scripts, agent instructions, or automation logic that could be exploited to perform unauthorized actions on a system.
- [CREDENTIALS_UNSAFE] (LOW): The provided
docker-compose.ymltemplate includes a hardcoded placeholder password (POSTGRES_PASSWORD: password). This is a low-risk finding as it is explicitly labeled for local development, though it is a best practice to use environment variables for all secrets.
Audit Metadata