docker
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous shell commands for Docker lifecycle management, including building images (`docker build`), managing services (`docker compose`), and debugging containers (`docker logs`, `docker exec`, `docker inspect`). These are standard operations for a DevOps/containerization skill.
- [EXTERNAL_DOWNLOADS]: The reference files document the use of various official base images from established registries (Docker Hub, GHCR, GCR, ECR) and reference industry-standard security tools such as Trivy, Snyk, and Docker Scout. These are well-known services and essential for professional container workflows.
- [SAFE]: The skill enforces several high-value security guardrails, such as mandatory non-root users in production stages, pinning image tags to specific versions, utilizing `.dockerignore` to prevent sensitive file leaks, and using BuildKit secret mounts to avoid baking credentials into image layers.
Audit Metadata