Docker Essentials 1.0.0

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Docker command reference, but users should be careful with the cleanup, volume, and push examples because they can delete data or publish images.

Install only if you want Docker command help. Before running any remove, force-remove, prune, volume cleanup, or push command, inspect the affected resources, confirm the target registry and visibility, and back up important volume data. Avoid broad cleanup commands on production or shared machines unless you are certain what Docker will remove.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill documents `docker container prune` without warning that it deletes all stopped containers, which can remove useful state and surprise users. In a command-reference skill, omission of safety context around destructive cleanup increases the chance of accidental data or workflow loss, even if the command itself is legitimate.

Missing User Warnings

Medium
Confidence: 86%
Finding
The `docker push myrepo/myapp:1.0` example lacks warning that pushed images may contain application code, configuration, and accidentally embedded secrets or proprietary assets. In a general-purpose Docker skill, this can lead users to publish sensitive contents to a remote registry without realizing the exposure boundary.

Missing User Warnings

Medium
Confidence: 92%
Finding
`docker-compose down -v` is destructive because it removes associated volumes, which often contain persistent database or application data. Without a prominent warning, users may treat it as routine teardown and unintentionally erase state needed for development, testing, or recovery.

Missing User Warnings

High
Confidence: 95%
Finding
The system prune examples (`docker system prune`, `-a`, and `--volumes`) perform broad cleanup across containers, networks, images, build cache, and optionally volumes, with potentially irreversible effects. In a quick-reference skill, presenting them without prominent cautions makes accidental large-scale deletion more likely and can disrupt local environments or destroy persistent data.

VirusTotal

65/65 vendors flagged this skill as clean.
