Docker MCP Toolkit

Pass

Audited by VirusTotal on May 18, 2026.

Findings (1)

The skill is classified as suspicious due to multiple shell injection vulnerabilities and a prompt injection risk. The scripts `scripts/call-tool.sh`, `scripts/server-enable.sh`, and `scripts/server-disable.sh` directly use user-provided arguments (`$TOOL`, `$SERVER`) in `docker mcp` commands without proper sanitization, allowing for arbitrary command execution. Additionally, the `SKILL.md` file contains instructions that could lead to prompt injection, advising an AI agent to 'run `docker mcp tools call ...` directly' for complex arguments, potentially bypassing the `call-tool.sh` script's input validation and enabling the execution of arbitrary `docker mcp` commands.