docker-core-security
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and command-line examples for hardening Docker environments, focusing on industry-standard security mechanisms like non-root users, capability dropping, and read-only filesystems.
- [SAFE]: All external tool references (Docker Scout, Trivy, Snyk) and documentation links (docs.docker.com) target well-known and trusted technology services.
- [SAFE]: Credential patterns identified in the references (e.g., API_KEY, DB_PASSWORD) are explicitly labeled as insecure anti-patterns for educational purposes and do not represent hardcoded secrets in the skill itself.
- [SAFE]: Configuration instructions for rootless Docker and Docker Bench for Security follow official implementation guidelines and are intended for environment auditing and hardening.
Audit Metadata