
Rule Reference

SEC746 · lintai-ai-security · supply-chain · security · stable · dockerfile · warn

Dockerfile: remote script execution in RUN

Dockerfile RUN downloads remote code and executes it

Public lane: supply-chain
Category: security
Provider: lintai-ai-security
Scope: per-file
Surface: dockerfile
Tier: stable
Severity: warn
Confidence: high
Detection: structural
Remediation: message only
How to read this lane

Reproducibility, provenance, and dependency hardening review.

How to read this category

Strong exploit, secret, or unsafe-execution signal.

Activation Model

Preset Activation

These presets explain where this rule appears in the product experience.

Lifecycle

Stable Lifecycle Contract

State

stable

Graduation rationale

Checks committed Dockerfiles for RUN instructions that fetch remote content and pipe it into a shell.

Deterministic signal basis

DockerfileSignals line analysis over `RUN` instructions for download-exec patterns such as `curl` or `wget` piped to `sh` or `bash`.

Malicious corpus: dockerfile-run-download-exec
Benign corpus: dockerfile-safe-run
structured evidence required · remediation reviewed
Canonical note

Structural stable rule positioned as a supply-chain hardening control: high-precision and actionable, but not a blanket claim of direct repository compromise.

Nearby Signals

Related Rules

Why It Matters

Remote script execution in a committed Dockerfile turns every image build into a code-fetching trust boundary, which weakens reproducibility and makes supply-chain review significantly harder.

What Triggers

SEC746 matches RUN instructions in Dockerfile content when they fetch remote content with tools like curl or wget and pipe it directly into sh or bash.

False Positives

Ordinary package-manager installs or local script execution do not trigger this rule. The rule is intentionally focused on direct download-and-exec behavior.
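The trigger and false-positive behaviour described above, as an added example that is not lintai's own implementation: a small checker that folds RUN line continuations and flags only curl/wget output piped into sh or bash. The Dockerfile content, the example.invalid URLs and the checksum placeholder are constructed for the demonstration.

```python
import re
from typing import List, Tuple

# Constructed sample Dockerfile (not from the page): two flagged patterns (one using
# a line continuation), a package-manager install that merely mentions curl, a local
# script, and a download that is saved and checksum-verified instead of piped to a shell.
SAMPLE_DOCKERFILE = """\
FROM debian:bookworm-slim
RUN apt-get update && apt-get install -y curl ca-certificates
RUN curl -fsSL https://example.invalid/install.sh | sh
RUN wget -qO- https://example.invalid/setup.sh \\
    | bash -s -- --yes
RUN ./scripts/local-setup.sh
RUN curl -fsSL -o /tmp/tool.tar.gz https://example.invalid/tool.tar.gz \\
    && echo "<sha256-placeholder>  /tmp/tool.tar.gz" | sha256sum -c -
"""

# curl/wget, then anything up to the next pipe, then sh or bash (optionally via sudo).
# Only the pipe form is covered; `bash -c "$(curl ...)"` is out of scope for this check.
DOWNLOAD_EXEC = re.compile(r"\b(curl|wget)\b[^|]*\|\s*(sudo\s+)?(sh|bash)\b")


def run_instructions(text: str) -> List[Tuple[int, str]]:
    """Return (line_number, command) for each RUN, joining backslash continuations."""
    out: List[Tuple[int, str]] = []
    buf, start = None, 0
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if buf is None:
            if not line.upper().startswith("RUN "):
                continue  # instruction names are case-insensitive in Dockerfiles
            buf, start = line[4:], n
        else:
            buf += " " + line
        if buf.endswith("\\"):
            buf = buf[:-1]  # continuation: keep accumulating
            continue
        out.append((start, buf))
        buf = None
    return out


def find_download_exec(text: str) -> List[int]:
    """SEC746-style check: line numbers of RUN instructions piping a download into a shell."""
    return [n for n, cmd in run_instructions(text) if DOWNLOAD_EXEC.search(cmd)]
```

Running `find_download_exec(SAMPLE_DOCKERFILE)` reports lines 3 and 4 only; the apt-get line, the local script and the save-then-verify download are left alone.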

Remediation

Vendor or pin reviewed build inputs instead of piping remote content into a shell during image build.