Trust Assessment
docker-containerization received a trust score of 25/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 3 critical, 0 high, 1 medium, and 1 low severity. Key findings include File read + network send exfiltration, Sensitive path access: Environment file, Node lockfile missing.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | File read + network send exfiltration .env file access Remove access to sensitive files not required by the skill's stated purpose. SSH keys, cloud credentials, and browser data should never be read by skills unless explicitly part of their declared functionality. | Manifest | skills/veeramanikandanr48/docker-containerization/scripts/docker-run.sh:45 | |
| CRITICAL | Command Injection via eval with user-controlled arguments The `docker-build.sh` script constructs a `docker build` command using several user-supplied arguments (e.g., `--build-arg`, `--platform`, `-f`, `-n`, `-t`). This constructed command is then executed using `eval`. An attacker could inject shell metacharacters into these arguments, leading to arbitrary command execution on the host system where the script is run. For example, passing `--build-arg "FOO=bar; rm -rf /"` could execute `rm -rf /`. Avoid using `eval` with user-controlled input. Instead, construct the command as an array and use `exec` or `bash -c` with proper quoting, or pass arguments directly to `docker build`. Ensure all user-supplied variables are properly quoted when used in shell commands. | LLM | scripts/docker-build.sh:120 | |
| CRITICAL | Command Injection via eval with user-controlled arguments The `docker-run.sh` script constructs a `docker run` command using several user-supplied arguments (e.g., `--volume`, `--env-file`, `--network`, `--restart`, `-n`, `-i`, `-t`, `-p`). This constructed command is then executed using `eval`. An attacker could inject shell metacharacters into these arguments, leading to arbitrary command execution on the host system where the script is run. For example, passing `--volume "foo:bar; rm -rf /"` could execute `rm -rf /`. Avoid using `eval` with user-controlled input. Instead, construct the command as an array and use `exec` or `bash -c` with proper quoting, or pass arguments directly to `docker run`. Ensure all user-supplied variables are properly quoted when used in shell commands. | LLM | scripts/docker-run.sh:130 | |
| MEDIUM | Sensitive path access: Environment file Access to Environment file path detected: '.env.production'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/veeramanikandanr48/docker-containerization/scripts/docker-run.sh:45 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/veeramanikandanr48/docker-containerization/package.json |
Scan History
Embed Code
[](https://skillshield.io/report/ce296896f2c38e57)
Powered by SkillShield