shellfirm: Protection Coverage

Docker

Protection patterns for Docker container, image, volume, and network operations

The docker check group covers destructive Docker operations that can remove containers, images, volumes, and networks.

Docker checks

System prune (all)

ID: docker:system_prune_all
Severity: High
Alternative: docker system prune (without -a, only dangling images are removed)
Blast radius: Counts images, containers, and volumes on the system
Triggers:
  docker system prune -a
  docker system prune --all

Force remove all containers

ID: docker:force_remove_all_containers
Severity: High
Blast radius: Counts running containers
Triggers:
  docker rm -f $(docker ps -aq)
  docker rm --force $(docker ps -aq)

Force remove images

ID: docker:force_remove_images
Severity: High
Triggers:
  docker rmi -f my-image:latest
  docker rmi --force $(docker images -q)

Remove volume

ID: docker:remove_volume
Severity: High
Triggers:
  docker volume rm my-data-volume
  docker volume rm postgres_data redis_data

Volume prune

ID: docker:volume_prune
Severity: High
Blast radius: Counts unused volumes
Triggers:
  docker volume prune

Remove network

ID: docker:remove_network
Severity: Medium
Triggers:
  docker network rm my-network

Compose down with volumes

ID: docker:compose_down_volumes
Severity: High
Alternative: docker-compose down (without -v, volumes are preserved)
Triggers:
  docker-compose down -v
  docker-compose down --volumes
  docker compose down -v

Stop all containers

ID: docker:stop_all_containers
Severity: Medium
Blast radius: Counts running containers
Triggers:
  docker stop $(docker ps -q)
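As an added illustration of how a check group like the one above is evaluated, here is a small Python matcher written for this page; it is not shellfirm's rule file or source code. Each documented check is approximated by a regular expression that fires on the listed trigger commands and stays silent on the safe forms (docker system prune without -a, docker-compose down without -v). The Check class, the assess() and report() helpers, and the acceptance of short-flag clusters such as -af are assumptions that go slightly beyond the triggers listed on the page.

```python
"""Constructed example: regex approximations of the documented Docker checks.

Not shellfirm's own rule definitions; the patterns are assumptions written to
match the trigger commands listed on this page and not their safe variants.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Check:
    check_id: str
    severity: str            # "High" or "Medium", as on this page
    pattern: re.Pattern
    alternative: Optional[str] = None


# Short-flag clusters such as "-af" or "-vt" are accepted as well as the bare
# "-a" / "-v"; this generalises slightly beyond the listed triggers.
_PRUNE_ALL = r"\bdocker\s+system\s+prune\b.*\s(?:-[a-z]*a[a-z]*|--all)\b"
_COMPOSE_DOWN_V = r"\bdocker(?:-compose|\s+compose)\s+down\b.*\s(?:-[a-z]*v[a-z]*|--volumes)\b"

CHECKS: list[Check] = [
    Check("docker:system_prune_all", "High", re.compile(_PRUNE_ALL),
          "docker system prune (without -a, only dangling images are removed)"),
    Check("docker:force_remove_all_containers", "High",
          re.compile(r"\bdocker\s+rm\s+(?:-f|--force)\b.*\$\(docker\s+ps\s+-aq\)")),
    Check("docker:force_remove_images", "High",
          re.compile(r"\bdocker\s+rmi\s+(?:-f|--force)\b")),
    Check("docker:remove_volume", "High",
          re.compile(r"\bdocker\s+volume\s+rm\b")),
    Check("docker:volume_prune", "High",
          re.compile(r"\bdocker\s+volume\s+prune\b")),
    Check("docker:remove_network", "Medium",
          re.compile(r"\bdocker\s+network\s+rm\b")),
    Check("docker:compose_down_volumes", "High", re.compile(_COMPOSE_DOWN_V),
          "docker-compose down (without -v, volumes are preserved)"),
    # "-aq" is accepted too: stopping every container, not just running ones.
    Check("docker:stop_all_containers", "Medium",
          re.compile(r"\bdocker\s+stop\s+\$\(docker\s+ps\s+-a?q\)")),
]

SEVERITY_RANK = {"Medium": 1, "High": 2}


def matching_checks(command: str) -> list[Check]:
    """Return every check whose pattern fires on the command line."""
    return [c for c in CHECKS if c.pattern.search(command)]


def assess(command: str) -> Optional[tuple[str, str]]:
    """Return (check_id, severity) of the most severe matching check, or None."""
    hits = matching_checks(command)
    if not hits:
        return None
    top = max(hits, key=lambda c: SEVERITY_RANK[c.severity])
    return top.check_id, top.severity


def report(command: str) -> str:
    """Render a prompt-style verdict in the spirit of the page's sample output."""
    verdict = assess(command)
    if verdict is None:
        return f"ok: {command}"
    check_id, severity = verdict
    alternative = next(c.alternative for c in CHECKS if c.check_id == check_id)
    lines = [f"RISKY COMMAND DETECTED ({check_id})", f"Severity: {severity.upper()}"]
    if alternative:
        lines.append(f"Alternative: {alternative}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed sample command lines, including safe ones that must not fire.
    for cmd in [
        "docker system prune -a",
        "docker system prune",
        "docker compose down -v",
        "docker-compose down",
        "docker rm -f $(docker ps -aq)",
        "docker network rm my-network",
        "docker ps -a",
    ]:
        print(report(cmd))
        print()
```

The regexes are anchored on the subcommand rather than on the flag alone, so `docker rmi -f` does not trip the `docker rm -f` check and `docker volume rm` does not trip `docker rm`; the flag part is only required where the page's "Alternative" shows that the flag is what turns a routine command into a destructive one.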

Blast radius support

Docker checks with blast radius compute real-time counts from your Docker daemon:

  • System prune queries docker images -q, docker ps -aq, and docker volume ls -q to count what would be removed
  • Force remove all containers queries docker ps -q for the running container count
  • Volume prune queries docker volume ls -q for the unused volume count
  • Stop all containers queries docker ps -q for the running container count

Example output:

============ RISKY COMMAND DETECTED ============
Severity: HIGH
Description: This will remove all unused Docker data including stopped containers,
  networks, dangling images, and build cache.
Blast radius: Prunes up to 15 images, 4 containers, 3 volumes
Alternative: docker system prune
  (Without -a, only dangling images are removed instead of all unused images.)

? Solve the challenge:: 9 + 3 = ? Esc to cancel ›

All blast radius queries run with a 3-second timeout and degrade gracefully if Docker is not running or the query times out.
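To show how a blast-radius query with a bounded timeout and graceful degradation can be built, here is an added Python example written for this page; it is not shellfirm's own implementation. It runs the three queries named above for the system prune check, counts the IDs each one prints (the equivalent of piping into wc -l), and reports "?" for any query that times out or fails and an "unavailable" line when none of them can run. The count_ids() and system_prune_blast_radius() names, the 3-second default and the output wording are assumptions modelled on the sample output above.

```python
"""Constructed example: blast-radius counting with a timeout and graceful degradation.

Not shellfirm's code. Each query is run with a bounded timeout; a missing
docker binary, a non-zero exit (e.g. daemon not running) or a timeout yields
None so the prompt is never blocked by an unreachable Docker daemon.
"""
from __future__ import annotations

import subprocess
from typing import Optional

DEFAULT_TIMEOUT = 3.0   # seconds, matching the timeout stated on this page

# The queries the page lists for the system prune check.
DOCKER_QUERIES: dict[str, list[str]] = {
    "images": ["docker", "images", "-q"],
    "containers": ["docker", "ps", "-aq"],
    "volumes": ["docker", "volume", "ls", "-q"],
}


def count_ids(cmd: list[str], timeout: float = DEFAULT_TIMEOUT) -> Optional[int]:
    """Run cmd and return how many non-empty lines it printed, or None if unknown."""
    try:
        proc = subprocess.run(cmd, capture_output=True, text=True,
                              timeout=timeout, check=False)
    except (FileNotFoundError, PermissionError, subprocess.TimeoutExpired):
        return None          # binary missing, not executable, or query hung
    if proc.returncode != 0:
        return None          # e.g. "Cannot connect to the Docker daemon"
    return sum(1 for line in proc.stdout.splitlines() if line.strip())


def system_prune_blast_radius(queries: dict[str, list[str]] = DOCKER_QUERIES,
                              timeout: float = DEFAULT_TIMEOUT) -> str:
    """Build the one-line blast radius summary shown under the risky-command banner."""
    counts = {name: count_ids(cmd, timeout) for name, cmd in queries.items()}
    if all(v is None for v in counts.values()):
        return "Blast radius: unavailable (Docker not reachable)"
    parts = [f"{'?' if v is None else v} {name}" for name, v in counts.items()]
    return "Blast radius: Prunes up to " + ", ".join(parts)


if __name__ == "__main__":
    print(system_prune_blast_radius())
```

Because every failure mode collapses to None rather than an exception, the caller can always print a summary: partial data is shown with "?" placeholders, and a fully unreachable daemon produces an explicit "unavailable" line instead of stalling the confirmation prompt.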