docker-deploy

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides Dockerfile templates for multiple languages (Python, Node.js, Go, Rust) that follow security best practices, including the use of multi-stage builds to minimize image size and attack surface.
  • [SAFE]: All suggested base images originate from official Docker Hub repositories or well-known services like Google Container Registry (gcr.io).
  • [SAFE]: The skill explicitly enforces security hardening measures, such as switching to non-root users (USER appuser) and using .dockerignore files to prevent the accidental inclusion of sensitive files like .env or .git directories in image layers.
  • [SAFE]: Guidance is provided for correct signal handling (exec form) and health check implementation, which are standard operational best practices for containerized environments.
  • [SAFE]: The skill discourages anti-patterns such as running containers as root or hardcoding secrets, providing safer alternatives for production deployments.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 04:50 PM
Security Audit — agent-trust-hub — docker-deploy