Docker Analyzer
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The Docker-inspection purpose is mostly coherent, but the optimize command unsafely embeds the image name into Python code, so a crafted argument could run local code.
Before installing, confirm you are comfortable with the agent inspecting your local Docker images and containers. The `optimize` command should be fixed before use because a maliciously crafted image argument could execute local code.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent is tricked into running `optimize` with a malicious image argument, code could run on the user's machine with the agent's local permissions.
The `optimize` command inserts the image argument directly into generated Python source. A crafted argument containing quotes or Python syntax could break out of the string and execute Python code locally.
```bash
image="${1:-}"
...
python3 << PYEOF
import subprocess, json
image = "$image"
```
Pass the image argument to Python via `sys.argv` or an environment variable using a quoted heredoc, and validate Docker image names before use.
Container names, image names, build history, and Docker metadata may be shown to the agent or user output.
The skill uses the Docker CLI to enumerate local containers and images. This is expected for a Docker analyzer, but it means the agent can view local Docker inventory when invoked.
```python
subprocess.check_output(["docker", "ps", "-a", "--format", "{{json .}}"])
```
Use it only in Docker environments where this metadata is acceptable to inspect, and be cautious with images whose build history may contain secrets.
The skill may not run as expected unless the user already has the needed tools and command wiring available.
The included script requires Bash, Python, and Docker, but the registry metadata does not declare those runtime dependencies or an install mechanism for the `docker-analyzer` command.
```text
Required binaries (all must exist): none
...
Install specifications: No install spec — this is an instruction-only skill.
```
Declare required binaries and document how `scripts/docker_analyzer.sh` is installed or invoked as `docker-analyzer`.
Anyone allowing the agent to run this skill is allowing it to inspect Docker resources available to the current user.
The skill uses the user's existing Docker daemon privileges to inspect local Docker objects. This is purpose-aligned, and the artifacts do not show credential theft or destructive Docker actions.
```bash
docker inspect "$image"
...
docker history --no-trunc "$image"
...
docker system df
```
Run it with the least-privileged Docker access practical and review outputs before sharing them externally.
