Sovereign Docker Wizard

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only Docker advisory skill. It contains some risky Docker examples, but they fit its stated purpose and are mostly presented as guidance or as anti-patterns to avoid.

Install it only if you want your agent to advise on Dockerfiles and compose files. Treat its output like deployment code: review secrets handling, exposed ports, volume mounts, privileged settings, Docker socket mounts, and cleanup commands before applying anything, especially prune commands, which can remove unused volumes and build cache.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Severity: Medium
Confidence: 96%
Finding
The production compose example passes the Redis credential through `${REDIS_PASSWORD}` interpolation, while elsewhere the skill recommends Docker secrets or a vault for production secrets. This inconsistency normalizes weaker secret handling and can lead users to expose secrets through container environment variables (visible in `docker inspect` and the container's process environment), process listings, shell history, or mismanaged `.env` files.
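To make the divergence concrete, here is an added example that is not part of the skill: the weak compose pattern the finding describes next to a form that uses a Docker secret, plus a small POSIX shell lint that flags credential-looking `${VAR}` references before an agent-generated compose file is applied. The service name, image tag, secret name and file path, and the variable-name heuristic are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not the skill's own code. Two constructed compose fragments for a
# Redis service, plus a lint that flags credentials passed via ${VAR} interpolation.

# Weak pattern (what the finding describes): the password is interpolated from the
# shell or a .env file into the service environment, so it is visible in
# `docker inspect`, in the container's /proc/<pid>/environ, and in any .env file
# that gets committed or copied around.
WEAK_COMPOSE='services:
  redis:
    image: redis:7
    environment:
      REDIS_PASSWORD: "${REDIS_PASSWORD}"
    command: ["redis-server", "--requirepass", "${REDIS_PASSWORD}"]
'

# Hardened pattern: the password is a Docker secret mounted as a file under
# /run/secrets and read at container start. `$$` is how compose spells a literal
# `$`, so the $(...) substitution happens inside the container, not at compose
# time. (Secret name and file path are assumptions for the example.)
HARDENED_COMPOSE='services:
  redis:
    image: redis:7
    secrets:
      - redis_password
    command: ["sh", "-c", "exec redis-server --requirepass \"$$(cat /run/secrets/redis_password)\""]
secrets:
  redis_password:
    file: ./secrets/redis_password.txt
'

# lint_secret_interpolation COMPOSE_TEXT
# Returns 1 (and prints the offending lines with line numbers) if any ${VAR} or
# $VAR reference has a credential-looking name; returns 0 otherwise. The name
# list is a heuristic, not an exhaustive one.
lint_secret_interpolation() {
    if printf '%s' "$1" | grep -nE '\$\{?[A-Za-z0-9_]*(PASSWORD|PASSWD|SECRET|TOKEN|API_KEY)[A-Za-z0-9_]*\}?'; then
        return 1
    fi
    return 0
}

# lint_compose_file PATH: the same check on a file on disk, e.g. one an agent just wrote.
lint_compose_file() {
    lint_secret_interpolation "$(cat "$1")"
}

# Demonstration on the two constructed fragments.
if lint_secret_interpolation "$WEAK_COMPOSE"; then
    echo "weak fragment: clean (unexpected)"
else
    echo "weak fragment: flagged, do not apply as-is"
fi
if lint_secret_interpolation "$HARDENED_COMPOSE"; then
    echo "hardened fragment: clean"
else
    echo "hardened fragment: flagged (unexpected)"
fi
```

The lint is deliberately coarse: it only catches interpolation of names that look like credentials, so a secret smuggled in under an innocuous variable name still needs a human reviewer. The hardened fragment uses a file-backed secret, which compose supports outside Swarm; in a Swarm or vault-backed deployment the `secrets:` block would point at an external secret instead.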

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The quick-reference section recommends destructive cleanup commands like `docker system prune -a --volumes` without an immediate warning that they remove stopped containers, unused networks, all unused images, build cache and, with `--volumes`, unused volumes. In an agent setting, presenting such commands as routine suggestions can cause accidental data loss or service disruption if they are copied blindly.
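Added example, not the skill's own text: a POSIX shell wrapper that does what the finding asks for, listing the unused volumes before `docker system prune --volumes` runs and refusing until an explicit `--yes` is given. The flag names, messages and exit status are choices made for this example.

```shell
#!/bin/sh
# Added example, not the skill's own code: a guard around `docker system prune`
# that refuses --volumes until the operator has seen which volumes are unused
# and has confirmed with an explicit --yes.

# List volumes not attached to any container. Treat this as the upper bound of
# what --volumes can delete: which of these are actually removed depends on the
# Engine version and on -a (on Docker 23 and later, named unused volumes are only
# pruned when -a is also given), so check the list rather than relying on that.
unused_volumes() {
    docker volume ls -q -f dangling=true
}

# guarded_prune [prune flags...] [--volumes] [--yes]
# Flags other than --volumes and --yes are passed straight to `docker system prune`.
# Exit status: 2 when refused, otherwise whatever docker returned.
guarded_prune() {
    want_volumes=0
    confirmed=0
    passthrough=""
    for arg in "$@"; do
        case "$arg" in
            --volumes) want_volumes=1 ;;
            --yes)     confirmed=1 ;;
            *)         passthrough="$passthrough $arg" ;;
        esac
    done

    if [ "$want_volumes" -eq 1 ]; then
        vols=$(unused_volumes)
        if [ -n "$vols" ] && [ "$confirmed" -ne 1 ]; then
            printf 'Refusing to prune: --volumes may delete these unused volumes:\n%s\n' "$vols" >&2
            printf 'Re-run with --yes once you have confirmed they hold nothing you need.\n' >&2
            return 2
        fi
        passthrough="$passthrough --volumes"
    fi

    # Word-splitting of $passthrough is intended here: it is a flag list.
    # shellcheck disable=SC2086
    docker system prune $passthrough
}

# Run as a script: sh guarded_prune.sh -a --volumes
if [ "$#" -gt 0 ]; then
    guarded_prune "$@"
fi
```

The wrapper does not add `-f`, so Docker's own interactive confirmation still appears after the volume list; an agent that cannot answer a prompt therefore cannot push the destructive step through on its own, which is the point of the finding.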

VirusTotal

66/66 vendors reported this skill as clean.
