Back to skill

Security audit

Docker Manager

Security checks across malware telemetry and agentic risk

Overview

The skill currently only lists Docker container names, though its documentation advertises broader Docker cleanup, backup, and migration features that would need caution if implemented.

This version appears safe to install for basic container-name listing, but do not assume the advertised backup, cleanup, migration, or paid features actually exist. If a future version adds prune, backup, or migration support, review it carefully because those Docker operations can delete resources or copy sensitive application data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill advertises direct Docker management operations and includes example commands implying shell execution, but declares no explicit permissions or safety boundaries. In practice, Docker access is highly privileged and can enable container inspection, filesystem access via mounts, image execution, and host-impacting operations, so omitting permissions makes the trust boundary unclear and dangerous.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill promotes automated cleanup and prune operations without warning that these actions can irreversibly delete images, volumes, networks, or stopped containers. In a production trading environment, silent destructive actions raise the risk of outages and data loss if triggered accidentally or by misuse.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
Volume backup and cross-host migration inherently copy potentially sensitive application and trading data, secrets, logs, and configuration between storage locations or hosts. Failing to warn about this can lead to accidental exfiltration, insecure transfers, or noncompliant handling of production data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.