Docker Manager

Security checks across malware telemetry and agentic risk

Overview

This Docker management skill is transparent about its purpose, but it includes force-prune cleanup commands and broad triggers that can delete Docker resources without documented confirmation.

Install only if you are comfortable letting the agent operate on your current Docker context. Before any stop, restart, or prune action, require it to show the target container names or IDs, the active Docker context, relevant `docker ps -a` or `docker system df` output, and the exact command it plans to run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 84%
Finding
The README advertises prune/cleanup capabilities that can delete unused containers and images, but it does not warn users that these operations are destructive and may remove resources they expected to keep. In a Docker management skill, that omission increases the chance of accidental data loss or service disruption, especially if users invoke cleanup from natural-language prompts without understanding deletion scope.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill documents and promotes destructive Docker cleanup commands such as `docker container prune -f` and `docker image prune -a -f` without any warning that they permanently remove stopped containers and unused images. In an agent setting, presenting these commands as routine maintenance increases the chance of accidental execution, causing service disruption, loss of debugging artifacts, or deletion of cached images needed for recovery.

VirusTotal

64/64 vendors flagged this skill as clean.
