Back to skill

Security audit

Personal Docker Manager

Security checks across malware telemetry and agentic risk

Overview

This Docker management skill is purpose-aligned but gives an agent broad infrastructure and credential-management power without enough user-control or secret-handling safeguards.

Install only in environments where you trust the agent with administrator-level Docker access. Before use, require explicit confirmation for delete, prune, stop, exec, stack deploy, user/role, and API-key actions; avoid passing broad tokens; redact logs and errors; and prefer scoped credentials on non-production systems first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly documents destructive operations such as container and resource removal without requiring confirmation steps, backup guidance, or warnings about service interruption and data loss. In an agent context, this increases the chance that a user request could be translated into irreversible actions against live infrastructure.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill advertises access to logs, events, users, and API keys but does not include strong privacy, least-privilege, or secret-handling guidance near those capabilities. Because these endpoints can expose sensitive operational data and credentials, an agent using this skill could inadvertently retrieve, display, or mishandle secrets and personal information.

Credential Access

High
Category
Privilege Escalation
Content
**Authentication Failed**
- Verify token is not expired (check `expiresAt`)
- Use refresh token to get new access token
- Verify API key is correct and not expired

**Container Won't Start**
Confidence
72% confidence
Finding
access token

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.