Scan results · a7e137f
main · 2 critical · 14 high · 59 medium · 82 low
- low · Nonsensical Command · Dockerfile:40
  RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low · Prefer JSON Notation for CMD/ENTRYPOINT · Dockerfile:49
  Use JSON notation (exec form) for CMD/ENTRYPOINT for proper signal handling.
- low · Use Absolute Path in WORKDIR · Dockerfile.mcp:12
  WORKDIR should use absolute paths starting with /.
- low · Nonsensical Command · Dockerfile.mcp:15
  RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low · Missing -y flag for apt-get · Dockerfile.mcp:15
  apt-get install without -y flag. Add -y or --yes for non-interactive builds.
- low · apt-get Without --no-install-recommends · Dockerfile.mcp:15
  apt-get install without --no-install-recommends. This installs unnecessary packages, increasing image size and attack surface.
- low · Remove apt Package Lists · Dockerfile.mcp:15
  apt-get install without removing /var/lib/apt/lists/*. This wastes image space.
- low · Prefer apt-get over apt · Dockerfile.mcp:15
  Use apt-get instead of apt for better script stability in Dockerfiles.
- low · Nonsensical Command · Dockerfile.mcp:22
  RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low · pip install Without --no-cache-dir · Dockerfile.mcp:22
  pip install without --no-cache-dir. Pip cache remains in image, adding 50-200 MB depending on dependencies.