docker-security-guide
Provides comprehensive Docker security guidelines and threat mitigation strategies for secure container management.
Install this skill
Security score
The docker-security-guide skill was audited on May 13, 2026 and we found 14 security issues across 4 threat categories, including 3 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 165 | ```yaml |
Template literal with variable interpolation in command context
| 344 | ```yaml |
Template literal with variable interpolation in command context
| 417 | ```dockerfile |
Piping content to sh shell
| 330 | curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh |
Curl to non-GitHub URL
| 653 | --health-cmd="curl -f http://localhost/health || exit 1" \ |
Access to root home directory
| 426 | RUN --mount=type=secret,id=npmrc,target=/root/.npmrc \ |
Access to SSH directory
| 462 | .ssh/ |
Access to AWS credentials directory
| 454 | .aws/ |
Access to .env file
| 206 | COPY .env /app/.env |
Access to .env file
| 442 | .env |
Access to .env file
| 443 | .env.local |
External URL reference
| 205 | RUN git clone https://user:[email protected]/repo.git |
External URL reference
| 216 | git clone https://$(cat /run/secrets/github_token)@github.com/repo.git |
External URL reference
| 653 | --health-cmd="curl -f http://localhost/health || exit 1" \ |