docker-deploy
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides Dockerfile templates for multiple languages (Python, Node.js, Go, Rust) that follow security best practices, including the use of multi-stage builds to minimize image size and attack surface.
- [SAFE]: All suggested base images originate from official Docker Hub repositories or well-known services like Google Container Registry (gcr.io).
- [SAFE]: The skill explicitly enforces security hardening measures, such as switching to non-root users (
USER appuser) and using.dockerignorefiles to prevent the accidental inclusion of sensitive files like.envor.gitdirectories in image layers. - [SAFE]: Guidance is provided for correct signal handling (exec form) and health check implementation, which are standard operational best practices for containerized environments.
- [SAFE]: The skill discourages anti-patterns such as running containers as root or hardcoding secrets, providing safer alternatives for production deployments.
Audit Metadata