The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The documentation provides instructions for installing the Trivy vulnerability scanner and the Hadolint Dockerfile linter from their official GitHub repositories. These are well-known security tools provided by reputable organizations.
[COMMAND_EXECUTION]: The auditing scripts (agent.py and process.py) use subprocess.run to interact with Docker and other CLI tools. These calls are implemented securely using argument lists rather than shell strings, which prevents command injection risks.
[DATA_EXFILTRATION]: The skill includes defensive features to scan for and alert users about secrets (such as API keys and passwords) accidentally embedded in Docker images or configuration files, thereby improving the security posture of the user's environment.

performing-container-image-hardening