YYour GPT for coding. Contextualize your codebase with a powerfully chained AIThe Search For A Refined Coding ChatGPT for Software Engineers

mcp-so:CodeMasterPro_StefanKumarasinghe

View source

92/100

First Seen

Feb 19, 2026

Last Scanned

Feb 20, 2026

Findings

Score

92/100

MEDIUM 1

LOW 1

Findings (2)

MEDIUM

Docker pull and run untrusted image EXTDL_015

external-download L34

Detects pulling and running Docker images from external registries

docker
pull stefankumarasinghe/codemasterpro

FIX

Pin Docker images to a specific digest (e.g., image@sha256:abc...) instead of using mutable tags like :latest. Use trusted base images from verified publishers.

FP?

Likely FP if the Docker command pulls a well-known official image (e.g., docker pull python:3.11) in setup documentation.

LOW

Docker environment credentials CRED_017

credential-leak L36

Detects Docker or docker-compose commands passing credentials via environment variables

docker
run
-e
GOOGLE_API_KEY
=

FIX

Remove credential values from Docker environment flags (-e) and docker-compose environment sections. Use Docker secrets, .env files (in .dockerignore), or a secrets manager.

FP?

Likely FP if the Docker environment variable has an empty or placeholder value (e.g., -e API_KEY= or -e PASSWORD=changeme) in setup documentation.