dockerfile-optimise
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive guidelines for Dockerfile optimization across multiple categories such as layer caching, multi-stage builds, and security.
- [SAFE]: All code examples are provided as templates or reference implementations for writing Dockerfiles; they do not contain instructions that execute on the host system.
- [SAFE]: The security sections (e.g., `sec-secret-mounts.md`, `sec-no-secrets-in-args.md`) correctly identify potential vulnerabilities in Docker usage and provide standard industry mitigations like BuildKit secret mounts and SSH agent forwarding.
- [SAFE]: No evidence of prompt injection, obfuscation, or data exfiltration was detected. The instructions are strictly technical and follow the stated purpose of Dockerfile optimization.
- [SAFE]: The static analysis flag for destructive commands is a false positive; the `rm -rf` and `chmod` commands found in the reference files are used for standard best practices such as cleaning up package manager caches and securing SSH key permissions inside ephemeral Docker build layers.
Audit Metadata