Learn Docker

Security checks across malware telemetry and agentic risk

Overview

This appears to be a low-risk learning-recommendation skill, with a minor scope ambiguity but no evidence of hidden access, persistence, or harmful behavior.

This is reasonable to install if you want Docker learning-path recommendations. Treat any suggestions outside Docker as optional and verify the public LabEx links yourself; no credential or privileged-access risk is evident from the supplied artifacts.

SkillSpector

By NVIDIA

Vulnerability Patterns

System Prompt LeakageDirect Leakage, Indirect Extraction, Tool-Based Exfiltration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Intent-Code Divergence

Medium

Confidence: 92% confidence
Finding: Earlier instructions explicitly require the skill to remain within the Docker learning path and not drift into other paths or unrelated recommendations. Line L68 contradicts that intent by stating recommendations can span Linux, DevOps, languages, security, data, and frontend tracks, which conflicts with the skill's declared Docker-only scope.

Direct Prompt Extraction

High

Category: System Prompt Leakage
Content: - User asks for Docker labs on a topic in this path: recommend the most relevant public course labs you can derive from course expansion. - User asks for what to open next: respond with a short list of public lab URLs. ## Output Rules - Stay inside the Docker learning path. - Favor brief recommendations over long catalogs.
Confidence: 85% confidence
Finding: Output Rules

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal