docker-compose-orchestration

skills-sh:manutej_luxor-claude-marketplace__docker-compose-orchestration

View source

0/100

First Seen

Feb 18, 2026

Last Scanned

Feb 18, 2026

Findings

Score

0/100

HIGH 6

MEDIUM 14

LOW 2

Findings (22)

HIGH NLP_CODE_MISMATCH prompt-injection L801

services:
  redis:
    image: redis:alpine
    healthcheck:
      test: |
        sh -c '
        redis-cli ping | grep PONG &&
        redis-cli --raw incr ping | grep 1
        '
      interval: 10s...

HIGH SSRF_005 ssrf-cloud L1427

/var/run/docker.sock

HIGH SSRF_005 ssrf-cloud L1458

/var/run/docker.sock

HIGH SSRF_005 ssrf-cloud L1474

/var/run/docker.sock

HIGH SSRF_005 ssrf-cloud L1635

/var/run/docker.sock

HIGH SSRF_005 ssrf-cloud L1849

/var/run/docker.sock

MEDIUM CRED_017 credential-leak L223

environment:
      - NODE_ENV=development
      - DATABASE_URL=postgresql://postgres:password@db:5432/myapp
      - REDIS_URL=redis://cache:6379
      - JWT_SECRET=

MEDIUM CRED_017 credential-leak L247

environment:
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=

MEDIUM CRED_017 credential-leak L326

environment:
      - SERVICE_NAME=auth
      - DATABASE_URL=postgresql://db:5432/auth_db
      - JWT_SECRET=

MEDIUM CRED_017 credential-leak L392

environment:
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=

MEDIUM CRED_017 credential-leak L493

environment:
      - POSTGRES_PASSWORD=

MEDIUM CRED_017 credential-leak L505

environment:
      - PGADMIN_DEFAULT_EMAIL=admin@dev.local
      - PGADMIN_DEFAULT_PASSWORD=

MEDIUM CRED_017 credential-leak L865

environment:
      - POSTGRES_PASSWORD=

MEDIUM CRED_017 credential-leak L907

environment:
      - POSTGRES_PASSWORD_FILE=

MEDIUM CRED_017 credential-leak L962

environment:
      - POSTGRES_PASSWORD=

MEDIUM CRED_017 credential-leak L1186

environment:
      - MONGODB_URI=mongodb://mongo:27017/myapp
      - JWT_SECRET=

MEDIUM CRED_017 credential-leak L1201

environment:
      - MONGO_INITDB_ROOT_USERNAME=admin
      - MONGO_INITDB_ROOT_PASSWORD=

MEDIUM CRED_017 credential-leak L1240

environment:
      - SPRING_DATASOURCE_URL=jdbc:mysql://db:3306/springdb?useSSL=false
      - SPRING_DATASOURCE_USERNAME=root
      - SPRING_DATASOURCE_PASSWORD=

MEDIUM CRED_017 credential-leak L1468

environment:
      - JENKINS_URL=http://jenkins:8080
      - JENKINS_AGENT_NAME=agent1
      - JENKINS_SECRET=

MEDIUM CRED_017 credential-leak L1512

environment:
      - GF_SECURITY_ADMIN_USER=admin
      - GF_SECURITY_ADMIN_PASSWORD=

LOW THIRDPARTY_001 third-party-content L792

get --no-verbose --tries=1 --spider http:// + Setting

LOW CMDEXEC_013 command-execution L1713

./scripts/backup.sh:/backup.sh