Docker Sandbox
Security checks across malware telemetry and agentic risk
Overview
This skill is a documented Docker sandbox guide that intentionally runs code in temporary containers and does not hide persistence, credential access, or host modification behavior.
Install only if you trust Docker on your machine. When using the skill, mount only a temporary task folder, keep networking disabled unless required, add CPU and memory limits to shell examples too, and avoid privileged containers or sensitive host paths.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
