docker
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The automated scan detected a pattern where a script is downloaded from 'https://get.docker.com' and executed. This 'curl-to-shell' method is a high-risk operation as it executes arbitrary code from a remote source without verification.- EXTERNAL_DOWNLOADS (LOW): The skill references an external installation script from a domain (docker.com) that is not included in the predefined list of trusted GitHub repositories or organizations.- COMMAND_EXECUTION (LOW): The skill provides numerous commands (docker build, docker run, docker compose) that interact directly with the host system's Docker daemon, which typically operates with high privileges.
Recommendations
- HIGH: Downloads and executes remote code from: https://get.docker.com - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata