Anthropic-Cybersecurity-Skills/skills/performing-docker-bench-security-assessment/references/api-reference.md
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00


API Reference — Performing Docker Bench Security Assessment

Libraries Used

  • subprocess: Run docker-bench-security container and docker inspect commands
  • json: Parse docker inspect JSON output

CLI Interface

python agent.py bench        # Run full docker-bench-security
python agent.py containers   # Check running container configurations

Core Functions

run_docker_bench()

Runs the docker/docker-bench-security container with host access for CIS benchmark checks.

parse_bench_output(output)

Parses [WARN], [PASS], [NOTE] lines into structured findings with sections.

check_container_configs()

Inspects all running containers for CIS Docker Benchmark violations.

CIS Checks Performed on Containers

| Check | CIS ID | Severity |
|---|---|---|
| Privileged mode | 5.4 | CRITICAL |
| Host PID namespace | 5.15 | HIGH |
| Host network namespace | 5.13 | HIGH |
| Dangerous capabilities | 5.3 | HIGH |
| Running as root | 4.1 | MEDIUM |
| Sensitive host mounts | 5.5 | HIGH |
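
As an added illustration (not the code in scripts/agent.py), the six container checks listed above can be evaluated against `docker inspect` JSON as follows. The function names `audit_containers` and `is_sensitive`, the capability list and the sensitive-path list are assumptions; the CIS IDs and severities are the ones given above.

```python
import json

# Assumed lists: the reference does not say which capabilities or paths agent.py flags.
DANGEROUS_CAPS = {"ALL", "SYS_ADMIN", "SYS_MODULE", "SYS_PTRACE", "NET_ADMIN"}
SENSITIVE_PATHS = ("/", "/etc", "/proc", "/sys", "/boot", "/dev", "/var/run/docker.sock")

def is_sensitive(src):
    """True if a bind source is a sensitive path or lies under one ('/' matches exactly)."""
    src = src.rstrip("/") or "/"
    return any(src == p or (p != "/" and src.startswith(p + "/")) for p in SENSITIVE_PATHS)

def audit_containers(inspect_json):
    """Map a `docker inspect` JSON array to findings using the page's CIS IDs and severities."""
    findings = []
    for c in json.loads(inspect_json):
        host, cfg = c.get("HostConfig") or {}, c.get("Config") or {}
        # CapAdd is null when nothing was added; names may or may not carry the CAP_ prefix.
        caps = {cap.upper().split("CAP_")[-1] for cap in host.get("CapAdd") or []}
        binds = [m.get("Source", "") for m in c.get("Mounts") or [] if m.get("Type") == "bind"]
        checks = [
            ("Privileged mode", "5.4", "CRITICAL", bool(host.get("Privileged"))),
            ("Host PID namespace", "5.15", "HIGH", host.get("PidMode") == "host"),
            ("Host network namespace", "5.13", "HIGH", host.get("NetworkMode") == "host"),
            ("Dangerous capabilities", "5.3", "HIGH", bool(caps & DANGEROUS_CAPS)),
            # An empty Config.User means no USER was set, so the process runs as root.
            ("Running as root", "4.1", "MEDIUM",
             (cfg.get("User") or "").split(":")[0] in ("", "0", "root")),
            ("Sensitive host mounts", "5.5", "HIGH", any(is_sensitive(s) for s in binds)),
        ]
        findings += [{"container": c.get("Name", "").lstrip("/"), "check": n,
                      "cis_id": i, "severity": s} for n, i, s, hit in checks if hit]
    return findings

# Constructed sample, trimmed to the fields the checks read.
SAMPLE = json.dumps([
    {"Name": "/web", "Config": {"User": "1000:1000"},
     "HostConfig": {"Privileged": False, "PidMode": "", "NetworkMode": "bridge", "CapAdd": None},
     "Mounts": [{"Type": "volume", "Source": "/var/lib/docker/volumes/web/_data"}]},
    {"Name": "/debug", "Config": {"User": ""},
     "HostConfig": {"Privileged": True, "PidMode": "host", "NetworkMode": "host",
                    "CapAdd": ["CAP_SYS_ADMIN", "NET_RAW"]},
     "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock"}]},
])

if __name__ == "__main__":
    for f in audit_containers(SAMPLE):
        print(f"[{f['severity']}] CIS {f['cis_id']} {f['container']}: {f['check']}")
```

To audit a live host, pass the output of `docker inspect` for the running container IDs as `inspect_json`.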

Dependencies

Docker must be installed and accessible. No Python packages required beyond stdlib.