dockge-image-update-checker/SECURITY.md

Security

Report security issues privately to the repository owner.

Runtime Access

This service reads Dockge stack files and Docker Engine image metadata. Mounting the Docker socket gives broad host-level power to any process with write access to it, so deploy this service only in trusted environments and keep the socket mount read-only at the container level.

Secrets

Do not commit registry credentials, Gitea tokens, .env files, private keys, certificates, or Docker config files.