ascend-docker
Fail
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: HIGH
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The script 'scripts/run-ascend-container.sh' runs Docker containers using the '--privileged' flag by default. This grants the container nearly unrestricted access to the host system, bypassing standard security isolation and allowing potential modification of host hardware or kernel settings.
- [COMMAND_EXECUTION]: The script uses the '--net=host' and '--ipc=host' flags in its execution modes, which remove network and inter-process communication isolation between the container and the host machine.
- [DATA_EXFILTRATION]: All Docker run configurations in the skill mount the host's entire '/home' directory into the container using the '-v /home:/home' flag. This exposes all user-owned files, sensitive configurations, and personal data on the host to the container environment.
- [REMOTE_CODE_EXECUTION]: The script runs Docker containers based on user-provided image names without validation or source verification, which could result in the execution of malicious code if an untrusted or compromised image is specified as an argument.
Recommendations
- AI detected serious security threats
Audit Metadata