skills/mukul975/anthropic-cybersecurity-skills/hardening-docker-daemon-configuration/Gen Agent Trust Hub
hardening-docker-daemon-configuration
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to download the official rootless Docker installation script from Docker's verified domain and to pull the 'docker-bench-security' image from Docker Hub. These downloads are legitimate components for implementing and verifying the security controls described in the skill.
- [COMMAND_EXECUTION]: The provided Python scripts execute the 'docker info' command using the subprocess module to gather system configuration data. These execution patterns are static and do not incorporate or execute unvalidated input from external sources.
- [DATA_EXFILTRATION]: The auditing scripts read local configuration files, specifically '/etc/docker/daemon.json', and check permissions on the Docker socket. The results of these checks are only printed to the standard output or saved to a local file path as specified by the user, with no evidence of unauthorized network transmission.
Audit Metadata