docker-patterns
用于本地开发的Docker和Docker Compose模式,包括容器安全、网络、卷策略和多服务编排。
84/100
Security score
The docker-patterns skill was audited on Mar 8, 2026 and we found 8 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 115
Wget to non-GitHub URL
SourceSKILL.md
| 115 | HEALTHCHECK --interval=30s --timeout=3s CMD wget -qO- http://localhost:3000/health || exit 1 |
medium line 338
Wget to non-GitHub URL
SourceSKILL.md
| 338 | docker compose exec app wget -qO- http://api:3000/health |
low line 267
Access to .env file
SourceSKILL.md
| 267 | - .env # Never commit .env to git |
low line 290
Access to .env file
SourceSKILL.md
| 290 | .env |
low line 291
Access to .env file
SourceSKILL.md
| 291 | .env.* |
low line 364
Access to .env file
SourceSKILL.md
| 364 | # Use .env files (gitignored) or Docker secrets |
low line 115
External URL reference
SourceSKILL.md
| 115 | HEALTHCHECK --interval=30s --timeout=3s CMD wget -qO- http://localhost:3000/health || exit 1 |
low line 338
External URL reference
SourceSKILL.md
| 338 | docker compose exec app wget -qO- http://api:3000/health |
Scanned on Mar 8, 2026
View Security Dashboard