Docker Encyclopedia

Security checks across malware telemetry and agentic risk

Overview

This Docker helper is transparent about fetching official Docker docs and keeping a local workspace cache, with no evidence of hidden or unrelated behavior.

Install only if you want a Docker-specific assistant that may fetch official Docker documentation and write a .Docker-Encyclopedia folder in your workspace. Review or disable note-taking if your Docker environment details are sensitive, and do not allow credentials, tokens, private URLs, or other secrets to be written into the cache or inventory files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 89%
Finding:
The skill directs the agent to perform network access and filesystem writes via `scripts/cache_doc.py`, `scripts/init_workspace.py`, and by storing cached docs and notes under `.Docker-Encyclopedia/`, but no explicit permissions are declared. Undeclared write/network capabilities weaken user awareness and policy enforcement, and could lead to unexpected workspace modification or remote fetching during normal use.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 81%
Finding:
The stated purpose is a Docker documentation-first assistance workflow, but the skill also instructs the agent to create local directory structures, cache remote content, and persist operational observations. That behavioral expansion is security-relevant because users may invoke what appears to be an informational skill without realizing it performs side effects on disk and over the network.

Missing User Warnings

Severity: Low
Confidence: 76%
Finding:
The skill repeatedly instructs the agent to save consulted docs and local operational learnings into the workspace, but does not clearly warn at the point of use that this persists data. Even though the skill includes a brief secrets warning, silent persistence can still surprise users and may capture environment-specific operational details they did not intend to retain.

VirusTotal

59/59 vendors flagged this skill as clean.
