docker-syntax-dockerfile
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [SAFE]: The skill serves as a technical education resource, providing best practices for containerization and signal handling.
- [CREDENTIALS_UNSAFE]: Identifies hardcoded credential patterns (such as 'sk-' and 'secret123') used within anti-pattern documentation to illustrate insecure practices that must be avoided.
- [EXTERNAL_DOWNLOADS]: References the use of curl, wget, and the ADD instruction for acquiring remote resources, documented through standard usage examples and links to official Docker documentation.
- [COMMAND_EXECUTION]: Provides extensive documentation on RUN, CMD, and ENTRYPOINT instructions, detailing the security implications of shell vs exec forms and proper process management.
- [NO_CODE]: The skill consists entirely of markdown files and contains no executable scripts, binaries, or active platform configurations.
Audit Metadata