Skylv Container Helper
AdvisoryAudited by Static analysis on May 2, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user approves generated commands, the skill could help perform changes such as building images, pushing them to a registry, or altering container networking.
The skill is meant to guide Docker build, push, and network operations. This is purpose-aligned, but those operations can change local containers/images or remote registry state.
description: Docker assistant. Container management, image building, and Dockerfile optimization ... 用户: 构建镜像并推送到registry ... 用户: 配置容器网络
Review generated Docker commands, image tags, registry targets, and network changes before running them.
A registry push could publish or overwrite images under whatever registry account and namespace the user is logged into.
Pushing to a registry may use the user's existing Docker login or registry account permissions. The artifacts do not show credential collection, storage, or leakage, but account-scoped actions are possible in this workflow.
用户: 构建镜像并推送到registry
Use least-privilege registry credentials, confirm the target registry and repository, and avoid pushing sensitive images accidentally.
Users have limited external provenance information for the publisher or source of the instructions.
There is no executable package or install script to inspect, which reduces code-execution risk, but provenance is limited because no source or homepage is provided.
Source: unknown Homepage: none No install spec — this is an instruction-only skill.
Install only if you trust the registry entry and manually review any Docker commands produced during use.