
Audit history

container-hadolint - 6 audits

Audit version 6

Latest: Medium risk

Jun 28, 2026, 05:11 AM

The static analyzer reported many severe patterns, but review shows most are Markdown examples or Hadolint configuration references, not hidden malicious behavior. The skill is safe to publish with a warning because it encourages external command execution and includes an unverified network installer pattern.

Files scanned: 8
Lines analyzed: 1,389
Findings: 10
Auditor: codex

Medium-risk issues (2)
Unverified Network Download in CI Template
The GitHub Actions template downloads the latest Hadolint binary with wget and makes it executable without checksum verification or immutable version pinning. This is legitimate setup guidance, but it creates supply-chain risk if copied directly into production CI.
Agent May Run External Container Linting Commands
The skill is built around running hadolint, docker, find, jq, and CI shell snippets against repository files. This is expected for the skill, but users should understand that following the instructions can execute local tools and read Dockerfiles in the workspace.
Low-risk issues (4)
Markdown Code Examples Triggered External Command Alerts
Most external command findings occur inside Markdown examples that demonstrate Hadolint usage, CI scripts, or Dockerfile remediation patterns. They are not hidden runtime code bundled with the skill.
Recursive Delete Alerts Are Dockerfile Cleanup Examples
The recursive deletion findings are examples of removing apt package lists or apk cache inside Dockerfile instructions. They do not delete host root or home directories.
Environment Secret Alerts Are Secure BuildKit Examples
The API key and authorization examples appear in documentation that warns against ARG secrets and recommends Docker BuildKit secret mounts. No evidence found of credential collection or exfiltration by the skill.
Reconnaissance and C2 Keyword Alerts Are Contextual False Positives
Network and system reconnaissance alerts map to security-framework references, trusted registry examples, label schema fields, or ShellCheck rule names. No evidence found of scanning networks or contacting command-and-control infrastructure.

Detected patterns

Unpinned External Installer Pattern

Audit version 5

Safe

Jan 16, 2026, 03:20 PM

This is a pure documentation skill with no executable code. All 200 static findings are false positives triggered by documentation examples showing Dockerfile patterns. The skill provides legitimate security documentation for Hadolint, an open-source Dockerfile linter. No scripts, network calls, or filesystem modifications exist. Behavior matches the stated purpose of Dockerfile security linting guidance.

Files scanned: 9
Lines analyzed: 1,617
Findings: 4
Auditor: claude
No security issues found

Risk factors

⚙️ External commands (147)
🌐 Network access (21)
📁 Filesystem access (1)
🔑 Environment variables (4)

Audit version 4

Safe

Jan 16, 2026, 03:20 PM

This is a pure documentation skill with no executable code. All 200 static findings are false positives triggered by documentation examples showing Dockerfile patterns. The skill provides legitimate security documentation for Hadolint, an open-source Dockerfile linter. No scripts, network calls, or filesystem modifications exist. Behavior matches the stated purpose of Dockerfile security linting guidance.

Files scanned: 9
Lines analyzed: 1,617
Findings: 4
Auditor: claude
No security issues found

Risk factors

⚙️ External commands (147)
🌐 Network access (21)
📁 Filesystem access (1)
🔑 Environment variables (4)

Audit version 3

Safe

Jan 10, 2026, 10:21 AM

This is a pure documentation and configuration skill with no executable code. The skill provides guidance for using Hadolint, an open-source Dockerfile linter, along with CI/CD templates and configuration files for container security validation. No scripts, network calls, or file system access beyond reading user-provided Dockerfiles. All behavior matches the stated purpose of Dockerfile security linting.

Files scanned: 9
Lines analyzed: 1,399
Findings: 0
Auditor: claude
No security issues found

Audit version 2

Safe

Jan 10, 2026, 10:21 AM

This is a pure documentation and configuration skill with no executable code. The skill provides guidance for using Hadolint, an open-source Dockerfile linter, along with CI/CD templates and configuration files for container security validation. No scripts, network calls, or file system access beyond reading user-provided Dockerfiles. All behavior matches the stated purpose of Dockerfile security linting.

Files scanned: 9
Lines analyzed: 1,399
Findings: 0
Auditor: claude
No security issues found

Audit version 1

Safe

Jan 10, 2026, 10:21 AM

This is a pure documentation and configuration skill with no executable code. The skill provides guidance for using Hadolint, an open-source Dockerfile linter, along with CI/CD templates and configuration files for container security validation. No scripts, network calls, or file system access beyond reading user-provided Dockerfiles. All behavior matches the stated purpose of Dockerfile security linting.

Files scanned: 9
Lines analyzed: 1,399
Findings: 0
Auditor: claude
No security issues found