escaping-containers-to-host
Fail
Audited by Socket on Jun 23, 2026
2 alerts found:
SecurityMalwareSecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
Malwarereferences/api-reference.md
HIGHMalwareHIGH
references/api-reference.md
This artifact is highly suspicious because it is an exploitation-oriented container/Kubernetes escape and host-execution guidance reference. It documents concrete high-impact abuse paths, especially Docker socket REST API usage to create privileged, host-integrated containers, and it further references kernel/cgroup/Kubernetes control points that enable host command execution and persistence. While no executable code is present in the snippet itself, its inclusion in a software supply chain would substantially increase the attacker’s capability to compromise containerized environments.
Confidence: 82%Severity: 90%
Audit Metadata