docker-web

Warn

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: MEDIUM (CREDENTIALS_UNSAFE, COMMAND_EXECUTION)
Full Analysis
  • [CREDENTIALS_UNSAFE]: Hardcoded database credentials are included in multiple Docker Compose templates, including those intended for production-like environments.
    • Evidence: SKILL.md contains `POSTGRES_PASSWORD: password` and `DATABASE_URL=postgres://user:password@db:5432/myapp` in the docker-compose.yml and docker-compose.prod.yml examples.
  • [COMMAND_EXECUTION]: The Traefik configuration pattern recommends mounting the Docker host socket, which is a high-risk practice.
    • Evidence: references/patterns.md contains a Traefik configuration with `volumes: - /var/run/docker.sock:/var/run/docker.sock`. Mounting the Docker socket grants the container root-equivalent control over the host Docker daemon, facilitating potential container escape and host compromise.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 29, 2026, 07:52 AM