docker-agents-review

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as an educational resource and review workflow for auditing container security. It contains no executable scripts or automated network functionality.
  • [SAFE]: Insecure code patterns, such as hardcoded credentials and privileged access configurations, are documented strictly as anti-patterns for detection purposes and are explicitly marked as failing security checks.
  • [SAFE]: The skill recommends industry-standard tools like docker scout and references official Docker documentation for security auditing.
  • [SAFE]: The skill evaluates untrusted Docker configurations (indirect prompt injection surface) through a structured manual review process.
      • Ingestion points: User-provided Dockerfiles and Compose files are analyzed by the agent based on provided checklists.
      • Boundary markers: The skill relies on structured checklists to maintain context but does not implement platform-level delimiters.
      • Capability inventory: References standard Docker CLI commands such as docker scout, history, inspect, and stats used for read-only auditing and status reporting.
      • Sanitization: Input data is processed as text for review; no automated script execution or sanitization is defined within the skill content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 11:48 AM