
Rule Reference

SEC746 (lintai-ai-security, stable, dockerfile, warn)

Dockerfile: remote script execution in RUN

Dockerfile RUN downloads remote code and executes it

Provider
lintai-ai-security
Surface
dockerfile
Scope
per_file
Tier
stable
Severity
warn
Confidence
high
Detection
structural
Remediation
message_only

Activation Model

Preset Membership

This rule is part of the builtin activation graph through these preset memberships.

Lifecycle

Stable Lifecycle Contract

State

stable_gated

Graduation rationale

Checks committed Dockerfiles for RUN instructions that fetch remote content and pipe it into a shell.

Deterministic signal basis

DockerfileSignals line analysis over `RUN` instructions for download-and-execute patterns, such as `curl` or `wget` output piped into `sh` or `bash`.

Malicious corpus
dockerfile-run-download-exec
Benign corpus
dockerfile-safe-run
Structured evidence: required. Remediation: reviewed.
Canonical note

Structural stable rule intended as a high-precision check with deterministic evidence.

Nearby Signals

Related Rules

Why It Matters

Remote script execution in a committed Dockerfile turns every image build into a trust decision about whatever the remote host serves at that moment: the code that runs is not pinned, is not reviewed in the repository, and can change between builds or be replaced by anyone who controls the host, its DNS name, or an unverified transport. That breaks reproducibility and makes supply-chain review significantly harder.

What Triggers

SEC746 matches `RUN` instructions in Dockerfile content that fetch remote content with tools such as `curl` or `wget` and pipe the output directly into `sh` or `bash`.

False Positives

Ordinary package-manager installs (for example installing `curl` itself with `apt-get`) and local script execution (`RUN sh ./install.sh`) do not trigger this rule. The rule is intentionally focused on direct download-and-exec behavior; a download that is saved to a file and executed in a separate step is outside that focus, so reviewers should still confirm such downloads are pinned and digest-verified.

Remediation

Vendor reviewed scripts into the repository and `COPY` them into the image, or pin the download to a specific release and verify its digest (for example with `sha256sum -c`) before executing it, instead of piping remote content into a shell during the image build.
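The trigger and the remediated forms, as an added illustrative example rather than lintai's own DockerfileSignals code: a small Python detector that joins Dockerfile continuation lines, walks `RUN` instructions and reports `curl`/`wget` output piped into `sh` or `bash`, run over two constructed Dockerfiles (one that fires, one remediated by vendoring and by pinning plus digest verification). The `example.invalid` host, the tool names, the `Finding` type and the all-zero placeholder digest are assumptions made for this example.

```python
"""Illustrative SEC746-style detector, added for this page; it is not lintai's
DockerfileSignals implementation. Joins Dockerfile continuation lines, walks
RUN instructions and reports curl/wget output piped into sh or bash."""
import re
from typing import Iterator, List, NamedTuple, Tuple


class Finding(NamedTuple):
    line: int      # 1-based line where the RUN instruction begins
    fetcher: str   # download tool matched: "curl" or "wget"
    shell: str     # interpreter the download is piped into: "sh" or "bash"
    segment: str   # the offending command segment, for the finding message


# Tools named on the page; the real rule's tables may be wider (assumption).
_FETCH_RE = re.compile(r"\b(curl|wget)\b")
# A pipe, optional sudo/env wrappers with flags, optional path prefix, then sh or
# bash as a whole word, so "| sha256sum" and "| shasum" do not match.
_PIPE_TO_SHELL_RE = re.compile(r"\|\s*(?:(?:sudo|env)(?:\s+-\S+)*\s+)*(?:\S*/)?(sh|bash)\b")
# Boundaries between command segments; "||" is split here so only real pipes remain.
_SEGMENT_SPLIT_RE = re.compile(r"&&|\|\||;")


def logical_lines(dockerfile: str) -> Iterator[Tuple[int, str]]:
    """Yield (start_line, text) per instruction, with backslash continuations
    joined and comment/blank lines dropped, as the Dockerfile parser does."""
    start, parts = None, []
    for number, raw in enumerate(dockerfile.splitlines(), start=1):
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            continue  # removed even inside a continuation
        if start is None:
            start = number
        if stripped.endswith("\\"):
            parts.append(stripped[:-1])
            continue
        parts.append(stripped)
        yield start, " ".join(parts)
        start, parts = None, []
    if parts:  # file ended inside a continuation
        yield start, " ".join(parts)


def find_download_exec(dockerfile: str) -> List[Finding]:
    """Report every RUN segment in which curl/wget output is piped into sh/bash."""
    findings: List[Finding] = []
    for line_no, text in logical_lines(dockerfile):
        keyword = re.match(r"run\b", text, re.IGNORECASE)  # instruction names are case-insensitive
        if not keyword:
            continue
        for segment in _SEGMENT_SPLIT_RE.split(text[keyword.end():]):
            fetch = _FETCH_RE.search(segment)
            if not fetch:
                continue
            # The interpreter must sit after the fetcher in the same pipeline.
            pipe = _PIPE_TO_SHELL_RE.search(segment, fetch.end())
            if pipe:
                findings.append(Finding(line_no, fetch.group(1), pipe.group(1), segment.strip()))
    return findings


# Constructed samples for this example (not from any real project; example.invalid never resolves).
VULNERABLE_DOCKERFILE = """\
FROM ubuntu:22.04
# Installing curl itself is an ordinary package-manager install and must not fire.
RUN apt-get update && apt-get install -y curl ca-certificates
RUN curl -fsSL https://example.invalid/install.sh \\
    | bash
RUN wget -qO- https://example.invalid/setup.sh | sudo sh -s -- --yes
run ["sh", "-c", "curl -s https://example.invalid/x.sh | sh"]
"""

REMEDIATED_DOCKERFILE = """\
FROM ubuntu:22.04
RUN apt-get update && apt-get install -y curl ca-certificates
# Option 1: vendor the reviewed script in the repository and COPY it in.
COPY vendor/install.sh /tmp/install.sh
RUN sh /tmp/install.sh && rm /tmp/install.sh
# Option 2: pin the release and verify its digest before anything executes.
ARG TOOL_VERSION=1.2.3
# placeholder digest for the example; use the reviewed file's real sha256
ARG TOOL_SHA256=0000000000000000000000000000000000000000000000000000000000000000
RUN curl -fsSL -o /tmp/tool.sh "https://example.invalid/v${TOOL_VERSION}/tool.sh" \\
    && echo "${TOOL_SHA256}  /tmp/tool.sh" | sha256sum -c - \\
    && sh /tmp/tool.sh
"""

if __name__ == "__main__":
    for name, content in (("vulnerable", VULNERABLE_DOCKERFILE), ("remediated", REMEDIATED_DOCKERFILE)):
        for f in find_download_exec(content):
            print(f"{name}:{f.line}: SEC746 {f.fetcher} output piped into {f.shell}: {f.segment}")
```

Run stand-alone, the vulnerable sample yields three findings (lines 4, 6 and 7, the last one in exec form) and the remediated sample none: the `| sha256sum -c -` pipe is not a shell, and the `sh /tmp/tool.sh` step is a separate segment with no fetcher. Both this sketch and the page's description cover the pipe form only; `bash <(curl URL)` and `sh -c "$(curl URL)"` reach the same result without a pipe, as do heredoc `RUN <<EOF` bodies, so look for those by hand when reviewing a Dockerfile.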