lintai docs

Appearance

Rule Reference

SEC755lintai-ai-securitythreat-reviewsecuritystabledevcontainerwarn

Devcontainer: sensitive local bind mount

Devcontainer config bind-mounts sensitive local host material

Public lane
threat-review
Category
security
Provider
lintai-ai-security
Scope
per-file
Surface
devcontainer
Tier
stable
Severity
warn
Confidence
high
Detection
structural
Remediation
message only
How to read this lane

Explicit malicious, secret-bearing, or spyware-like review.

How to read this category

Strong exploit, secret, or unsafe-execution signal.

Activation Model

Preset Activation

These presets explain where this rule appears in the product experience.

threat-reviewsidecar lane

Lifecycle

Stable Lifecycle Contract

State

stable

Graduation rationale

Checks committed devcontainer configs for explicit host-exposure through bind mounts of sensitive local material such as SSH keys, cloud credentials, kubeconfig, or docker.sock.

Deterministic signal basis

DevcontainerSignals semantic JSON parsing plus exact value-span resolution for sensitive bind mounts in `workspaceMount`, `mounts`, or Docker-style `runArgs` mount flags.

Malicious corpus
devcontainer-sensitive-bind-mount
Benign corpus
devcontainer-safe-workspace-mount
structured evidence required remediation reviewed
Canonical note

Structural stable rule positioned as an explicit threat-review control: high-signal malicious, credential-bearing, or spyware-like behavior that stays opt-in rather than shaping the quiet default.

Nearby Signals

Related Rules

SEC754Devcontainer: host-side initializeCommandDevcontainer config defines a host-side initializeCommandthreat-reviewsecuritydevcontainer

Why It Matters

Committed devcontainer configs can silently expose local host secrets and control surfaces inside the container. Mounting SSH material, cloud credentials, kubeconfig, or docker.sock increases the blast radius of any compromised process inside the dev environment.

SEC755 is positioned in the explicit threat-review lane because it describes direct host-secret and host-control-surface exposure, not a narrower reproducibility concern.

What Triggers

SEC755 matches .devcontainer.json and .devcontainer/devcontainer.json when they bind-mount sensitive local host paths through:

  • mounts
  • workspaceMount
  • Docker-style runArgs mount flags

Covered host-sensitive sources include patterns such as .ssh, .aws, .kube, .config/gcloud, and /var/run/docker.sock.

False Positives

The rule is intentionally scoped to explicit bind mounts of sensitive host material. Ordinary workspace mounts and non-sensitive cache or data mounts do not trigger it.

Remediation

Remove sensitive host bind mounts from committed devcontainer config and keep credentials or daemon sockets outside the container definition.