using-docker-in-web

Fail

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: HIGH | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Requires root privileges through 'sudo' for installing system packages, managing the Docker daemon, and terminating system processes.
  • [COMMAND_EXECUTION]: Disables Docker's default network isolation mechanisms by utilizing the '--iptables=false' and '--bridge=none' configuration flags.
  • [EXTERNAL_DOWNLOADS]: Explicitly recommends disabling SSL/TLS certificate validation for 'npm' ('strict-ssl false'), 'curl' ('-k'), and 'csb' tools. This practice significantly increases the risk of Man-in-the-Middle (MitM) attacks during the retrieval of external resources.
  • [EXTERNAL_DOWNLOADS]: Executes system-level package management commands ('apt-get install') to download and install the Docker engine.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 21, 2026, 07:17 PM