Skip to main content

setup-container-registry

Configures secure container image registries with automated scanning, tagging, and CI/CD integration for efficient image management.

Install this skill

or
59/100

Security score

The setup-container-registry skill was audited on Mar 3, 2026 and we found 17 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 52

Template literal with variable interpolation in command context

SourceSKILL.md
52```bash
medium line 144

Template literal with variable interpolation in command context

SourceSKILL.md
144```bash
medium line 220

Curl to non-GitHub URL

SourceSKILL.md
220curl -X POST https://hub.docker.com/api/content/v1/repositories/USERNAME/myapp/webhooks \
low line 217

Webhook reference - potential data exfiltration

SourceSKILL.md
217# Configure webhook for automated triggers
low line 218

Webhook reference - potential data exfiltration

SourceSKILL.md
218# Go to: Repository → Webhooks → Add webhook
low line 219

Webhook reference - potential data exfiltration

SourceSKILL.md
219WEBHOOK_URL="https://example.com/webhook"
low line 220

Webhook reference - potential data exfiltration

SourceSKILL.md
220curl -X POST https://hub.docker.com/api/content/v1/repositories/USERNAME/myapp/webhooks \
low line 223

Webhook reference - potential data exfiltration

SourceSKILL.md
223-d "{\"name\":\"CI Trigger\",\"webhook_url\":\"$WEBHOOK_URL\"}"
medium line 226

Webhook reference - potential data exfiltration

SourceSKILL.md
226**Expected:** Docker Hub access token created with read/write permissions. Images push successfully with multi-architecture support. Vulnerability scans run automatically (if enabled). README syncs fr
medium line 228

Webhook reference - potential data exfiltration

SourceSKILL.md
228**On failure:** For rate limit errors, upgrade to Pro plan or implement pull-through cache. For scan failures, verify plan includes scanning (not available on free tier). For multi-arch build failures
medium line 403

Webhook reference - potential data exfiltration

SourceSKILL.md
403- [ ] Webhook notifications trigger on image updates
low line 219

External URL reference

SourceSKILL.md
219WEBHOOK_URL="https://example.com/webhook"
low line 220

External URL reference

SourceSKILL.md
220curl -X POST https://hub.docker.com/api/content/v1/repositories/USERNAME/myapp/webhooks \
low line 236

External URL reference

SourceSKILL.md
236helm repo add harbor https://helm.gopharbor.io
low line 258

External URL reference

SourceSKILL.md
258externalURL: https://harbor.example.com
low line 302

External URL reference

SourceSKILL.md
302echo "Harbor UI: https://harbor.example.com"
low line 312

External URL reference

SourceSKILL.md
312https://harbor.example.com/api/v2.0/projects \
Scanned on Mar 3, 2026
View Security Dashboard

Install this skill with one command

/learn @pjt222/setup-container-registry
GitHub Stars 2
Rate this skill
Categorydevelopment
UpdatedMarch 29, 2026
openclawdevopsbackenddevops-srebackend-developergrowth-pmgithubdockerdevelopmentproduct
pjt222/agent-almanac