Docker Health Monitor
Review
Audited by ClawScan on May 11, 2026.
Overview
The skill mostly matches Docker health monitoring, but its default image check runs docker pull, which can change local or remote Docker image state despite being described as an advisory check.
Install only if you want the agent to inspect Docker with Docker-socket-level privileges. Avoid --all or --images on production or remote Docker contexts unless you accept that the script may pull images and change the Docker image cache; use --status, --resources, or --restarts for read-only checks until the image-check behavior is clarified or fixed.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A normal health report may contact registries, use configured registry access, consume bandwidth, and change the Docker daemon's local image cache or tags.
The default full health check calls check_images, and check_images runs docker pull for each container image rather than using a read-only manifest comparison.
local mode="${1:---all}" ... --all|--full|"") ... check_images ... if docker pull --quiet "$image" 2>/dev/null; then
Run --images or --all only after approving this side effect, especially on production or remote Docker contexts; the skill should switch to a read-only manifest check or prompt clearly before pulling.
Users may believe they are running a read-only audit when the skill can actually modify Docker image state.
The documentation frames image checking as advisory and treats docker pull as a later user action, but the included script already runs docker pull during the check.
`--images` checks are advisory — uses `docker inspect` for image digests ... Outdated images: Run `docker pull` to update images
Update the documentation to disclose that image checks pull images, or change the implementation so checks are truly advisory and require explicit approval before pulling.
The skill can inspect Docker containers and, depending on Docker context, may act against a remote or production Docker daemon.
Docker socket or root/docker-group access is powerful and can affect local or remote daemons, but this access is disclosed and is broadly necessary for Docker health monitoring.
Requires access to the Docker socket (`/var/run/docker.sock`) — run as root or add user to the `docker` group ... Works with both local Docker and remote Docker contexts (DOCKER_HOST env var)
Verify the active Docker context before use and avoid granting this skill access to production Docker daemons unless you are comfortable with its Docker commands.
Pre-install checks may not warn users that Docker access is required.
The script requires Docker CLI and Docker daemon access, but the registry metadata does not declare those requirements; this is an under-declaration rather than hidden code.
Required binaries (all must exist): none ... Capability signals: No capability tags were derived.
Declare the docker binary and Docker daemon access capability in metadata so users can see the requirement before installation.
