docker
Warn
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill explicitly instructs the agent to use
sudofor starting the Docker daemon (sudo dockerd) and running containers (sudo docker run). Using elevated privileges can bypass security restrictions and is classified as a privilege escalation risk. - [COMMAND_EXECUTION]: The Docker daemon is started in the background with output redirected to
/tmp/docker.log. While functionally useful, this pattern can be used to hide process activity and errors from the user's immediate view.
Audit Metadata