| Version | Supported |
|---|---|
| 0.1.x | Yes |
Please report security vulnerabilities through GitHub's private vulnerability reporting:
- Go to the Security tab
- Click Report a vulnerability
- Fill out the form with details about the issue
Do not open a public issue for security vulnerabilities.
- Acknowledgment: within 7 days
- Status update: within 30 days
- Fix timeline: depends on severity and complexity
This extension runs Docker CLI commands on behalf of the user through the Docker Desktop Extension SDK. Security-relevant areas include:
- Command injection via runbook command fields
- Import/export file handling
- localStorage data integrity