log-aggregation

skills-sh:aj-geddes_useful-ai-prompts__log-aggregation

View source

76/100

First Seen

Feb 18, 2026

Last Scanned

Feb 20, 2026

Findings

Score

76/100

MEDIUM 3

Findings (3)

MEDIUM

Docker socket access SSRF_005

ssrf-cloud L74

Detects attempts to access the Docker daemon socket

/var/run/docker.sock

FIX

Block access to cloud provider IAM and credential endpoints from agent tools. Implement egress filtering to prevent requests to cloud control plane APIs.

FP?

Likely FP if the match is documentation about cloud IAM setup rather than code that programmatically accesses IAM endpoints.

MEDIUM

Kubernetes service discovery SSRF_003

ssrf-cloud L108

Detects Kubernetes internal service URLs and secret paths

/var/run/secrets/kubernetes.io

FIX

Validate and sanitize all user-provided URLs before making server-side requests. Resolve DNS and verify the IP is not in a private range before connecting.

FP?

Likely FP if the URL fetch is for a well-known public API endpoint that is hardcoded (not user-controlled) in the tool configuration.

MEDIUM

Docker socket access SSRF_005

ssrf-cloud L207

Detects attempts to access the Docker daemon socket

/var/run/docker.sock

FIX

Block access to cloud provider IAM and credential endpoints from agent tools. Implement egress filtering to prevent requests to cloud control plane APIs.

FP?

Likely FP if the match is documentation about cloud IAM setup rather than code that programmatically accesses IAM endpoints.