Back to skill

Security audit

Container Debug

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Docker troubleshooting skill whose powerful commands are relevant to container debugging, with some cleanup examples users should run carefully.

Install only if you want Docker troubleshooting guidance. Before running examples, confirm container, image, network, and Compose project names; avoid root shells and namespace-sharing debug containers unless necessary; treat logs and env output as sensitive; and be especially careful with prune commands, since they can remove unused Docker resources and volumes can delete data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill includes destructive cleanup commands such as `docker system prune -a` and `docker system prune -a --volumes`, which go beyond inspection/debugging and can irreversibly delete containers, images, networks, build cache, and volumes. In a debugging skill, users may copy-paste these commands during incident response, causing accidental data loss or service disruption unrelated to the original problem.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Several prune commands are presented as routine cleanup steps, but some irreversible removals are not accompanied by sufficiently explicit warnings at the point of use, especially `docker system prune -a` and `docker builder prune`. This increases the chance that operators run broad deletion commands in production or on shared development hosts, leading to avoidable data loss and downtime.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.