docker-container-rerun-all
Pass
Audited by VirusTotal on May 7, 2026.
Overview
Type: OpenClaw Skill
Name: docker-container-rerun-all
Version: 1.1.0
The skill automates batch Docker container updates by parsing and executing shell commands directly from a markdown file (MEMORY.md). This pattern introduces a significant command injection risk in scripts/run_all_docker_reruns.py, as the script extracts text from fenced code blocks and passes it to a subprocess. While the behavior is aligned with the stated purpose of Docker management, the combination of high-privilege Docker access and the execution of dynamically parsed strings from a user-editable documentation file constitutes a high-risk capability.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A stale, mistaken, or poisoned memory entry could cause the agent to recreate a container with the wrong command when --apply is used.
If the expected header is missing, the script scans the entire MEMORY.md for docker run code blocks and forwards the matched recreate command into the update/apply workflow. That makes persistent memory entries a high-impact authority for container recreation.
else:
    target_text = memory_text
...
blocks = re.findall(r'```(?:bash|sh)?\s*\n(.*?)\n\s*```', target_text, re.DOTALL)
...
cmd = ['python3', str(SINGLE_SCRIPT), '--container-name', container_name, '--recreate-command', recreate_command]
if apply: cmd.append('--apply')
Before using --apply, manually review the relevant MEMORY.md section and the exact recreate commands for every matched container; consider requiring the script to fail closed when the expected section is missing.
Using --apply can interrupt running services or change container configuration if the remembered recreate command is wrong.
The skill clearly discloses that apply mode can perform disruptive Docker operations. This is aligned with its purpose, but it is still high-impact local mutation.
Add `--apply` only when the user explicitly wants to recreate containers that need updates ... may stop, remove, and recreate matching containers sequentially
Run the default non-apply mode first, inspect the proposed results and memory commands, and use --apply only when you accept service interruption risk.
The safety of this skill depends on the installed sibling docker-container-rerun implementation.
The high-impact per-container workflow is delegated to a sibling skill script that is not included in this artifact set or pinned by version here.
SINGLE_SCRIPT = SKILL_DIR.parent / 'docker-container-rerun' / 'scripts' / 'update_docker_run_container.py'
Verify that the sibling skill is installed from a trusted source and review its script before allowing this wrapper to run apply mode.
