Is semgrep-agent Safe? Docker Container Security Analysis 2026
semgrep-agent is a Docker container by returntocorp with a Nerq Trust Score of 63/100 (Grade C). Verdict: CAUTION. Docker containers execute arbitrary code — always verify trust before pulling. 12.9M total pulls. Last analyzed April 2026.
63
Trust Score
C
Grade
12.9M
Pulls
1
Stars
About semgrep-agent
A specialized Docker image for running Semgrep in CI environments.
Container Security Details
Docker containers can access host resources, network, and data. This analysis evaluates the publisher's trustworthiness, image maintenance, and known security issues.
| Publisher | returntocorp |
|---|---|
| Source | Docker Hub |
| Total Pulls | 12,859,057 |
| Stars | 1 |
| Security Score | Pending/100 |
| Activity Score | Pending/100 |
| Documentation | Pending/100 |
| EU AI Act Class | Pending |
Similar Containers
| Container | Pulls | Trust |
|---|---|---|
| ollama | 86.0M | 63 |
| pr-agent | 10.5M | 63 |
| localai | 2.3M | 63 |
| fetch | 1.3M | 64 |
| qwen3 | 514.7K | 63 |
| llama3.2 | 381.3K | 63 |
Frequently Asked Questions
Is the semgrep-agent Docker image safe?
semgrep-agent has a Nerq Trust Score of 63/100 (Grade C). Verdict: caution. Docker containers can execute arbitrary code, so always verify trust before pulling.
Does semgrep-agent have vulnerabilities?
Security score: pending/100. Check the full analysis above for CVE data, maintenance status, and community trust signals.
How many people use semgrep-agent?
semgrep-agent has 12.9M pulls on Docker Hub, indicating widespread adoption.
What are alternatives to semgrep-agent?
See similar containers listed above, ranked by trust score and pull count.
Is semgrep-agent maintained?
Activity score: pending/100. A higher score indicates more recent updates and active maintenance.
Disclaimer: Nerq trust scores are automated assessments. Not endorsements. Last updated April 2026.