v3.0.0

Dockerps

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:14 AM.

Analysis

This Docker monitoring skill is mostly purpose-aligned, but it includes a force cleanup command that can delete Docker containers/images without confirmation.

Guidance: Review the cleanup command carefully before installing. The monitoring commands are expected for a Docker helper, but cleanup should be treated as a destructive action and run only with explicit approval.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
scripts/script.sh
cmd_cleanup() {
    docker container prune -f 2>/dev/null && docker image prune -f 2>/dev/null && echo Cleaned
}

The cleanup command uses Docker prune with -f, removing stopped containers and pruning images without Docker's normal confirmation prompt.

User impact: If invoked accidentally or autonomously, this can remove local Docker resources and disrupt development or services that depend on stopped containers or cached images.
Recommendation: Only run cleanup after explicit user confirmation, and prefer a safer implementation that previews what will be removed or scopes cleanup to named containers/images.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: High | Status: Note
metadata
Required binaries (all must exist): none; Required binaries (at least one): none

The dependency contract is incomplete because SKILL.md says Docker is required and the included script invokes Docker and python3, but the registry metadata declares no required binaries.

User impact: Automated checks or users may not be warned up front that local Docker and python3 are needed.
Recommendation: Declare docker and python3 as required binaries so users can understand the runtime prerequisites before installation.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
scripts/script.sh
docker ps -a --format 'table {{.Names}}\t{{.Status}}\t{{.Ports}}' ... docker logs --tail ${3:-50} $2

The script operates through the user's local Docker CLI and can enumerate containers and read container logs using whatever Docker access the user already has.

User impact: The skill can expose container names, status, ports, and logs, which may include operational or sensitive application information.
Recommendation: Install and use it only in Docker environments where the agent is allowed to inspect containers and logs; ask for confirmation before reading sensitive logs or performing management actions.