Back to skill

Security audit

Docker

Security checks across malware telemetry and agentic risk

Overview

This is a Docker reference skill with relevant but potentially destructive Docker cleanup commands that users should run deliberately.

Install if you want Docker operational guidance. Before allowing an agent to run commands from it, confirm the active Docker context and exact target resources, especially for prune, volume, compose down, remove, push, or production container operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill’s activation guidance is intentionally broad: it says to apply the skill directly whenever Docker work appears and includes many adjacent topics like security, runtime behavior, logs, ports, and volumes. In an agentic system, this can cause the skill to be invoked in situations where Docker is only tangentially related, increasing the chance that its instructions override narrower, task-specific safeguards or steer actions the user did not intend.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The file includes destructive cleanup commands such as `docker volume prune` and `docker system prune -a --volumes` in a quick-reference format without adequately emphasizing that they can permanently delete data, images, networks, and volumes. In a skill meant to be applied by default for Docker tasks, this increases the chance an agent or user may invoke them casually during troubleshooting or cleanup, causing unintended service disruption or irreversible data loss.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.