ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Docker MCP Toolkit

v0.1.1

Control and use an MCP Toolkit running in Docker. Use when setting up Docker MCP Toolkit (docker compose up/down), checking status/logs, configuring environm...

0· 460·0 current·0 all-time
byCauhi@pcauhi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the observed files and scripts: all scripts call the `docker mcp` CLI for listing/enabling/disabling servers and calling tools. There are no unrelated binaries, credentials, or config paths requested.
Instruction Scope
SKILL.md limits runtime activity to running provided scripts and Docker MCP commands. The scripts do not read unrelated files or environment variables and do not exfiltrate data. They require `jq` for JSON parsing and call `docker mcp tools call` as advertised.
Install Mechanism
Instruction-only with bundled scripts; there is no install specification or remote download. Nothing is written to disk by an installer beyond the included script files.
Credentials
The skill requests no environment variables or secrets. The documentation recommends using Docker Desktop's secret store and least-privilege credentials, which is appropriate for a toolkit that can invoke tools against external services.
Persistence & Privilege
always is false and the skill does not attempt to persist configuration or modify other skills. It requires Docker Desktop and may be invoked autonomously (default) which is normal for skills; this alone is not a problem.
Assessment
This skill is a thin, coherent wrapper around the `docker mcp` CLI. Before using it: ensure Docker Desktop (MCP-enabled) and jq are installed; run ./scripts/preflight.sh; review the list of exposed MCP tools (./scripts/tools.sh) and understand what each tool does, because invoking tools can perform side effects on databases or services; do not expose the MCP gateway to the public network, and prefer the desktop keychain/secrets integration for credentials. If you plan to pass nested JSON objects/arrays, note the call-tool.sh intentionally rejects them — inspect or call `docker mcp tools` directly for tool-specific argument formats.

Like a lobster shell, security has layers — review code before you run it.

latestvk970vw67p569epbm2aaj7zdxqx821g5k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments