qdrant

skills-sh:giuseppe-trisciuoglio_developer-kit__qdrant

Grade

A (100/100)

First Seen

Feb 18, 2026

Last Scanned

Feb 20, 2026

Findings

2

Score

100/100

LOW 2

Findings (2)

LOW
Unscoped Bash tool in allowed tools
Line 7

Detects skills whose allowed-tools list contains bare Bash (every command permitted) rather than a command-scoped entry of the form Bash(cmd:*).

allowed-tools: Read, Write, Edit, Bash,
FIX

Scope the Bash tool to the commands the skill actually needs, using the prefix form the check looks for (e.g., Bash(git:*) instead of bare Bash), and remove blanket Bash entries from the allowed-tools list. A prefix scope only constrains the start of the command line, so prefer the narrowest prefix that still works (Bash(docker pull:*) rather than Bash(docker:*)).

FP?

Likely FP if the Bash entry in allowed_tools is part of a constrained configuration that limits commands elsewhere (e.g., via system prompt restrictions).

LOW
Docker pull and run untrusted image
Line 118

Detects pulling and running Docker images from external registries

docker pull qdrant/qdrant
FIX

Pin Docker images to a specific digest (e.g., image@sha256:abc...) instead of a mutable tag; note that docker pull qdrant/qdrant with no tag resolves to :latest, which can point at different content on each run. Use trusted images from verified publishers, and take the digest from an image you have inspected yourself (docker inspect --format '{{index .RepoDigests 0}}' IMAGE) rather than from a tag.

FP?

Likely a false positive if the command pulls a well-known official image (e.g., docker pull python:3.11) in setup documentation. qdrant/qdrant is the vendor-published image, so the residual concern here is the unpinned tag rather than the publisher.