Supply chain attacks mean you need to trust your choice of suppliers, trust their security posture and choice of suppliers and so on. Even docker itself has FROM and often a few "apt get" (or similar) commands to build the image. Even with no file access, they can exfiltrate data.
This and MCP, IoT all the things, vibe coding, AI impersonation for social attacks and cryptocurrency rewards it's a golden age for criminal hackers!
You can say the same about the vast majority of distribution methods we have. There's no difference between `curl | sh` and executing a binary you download from the internet.
Checksums and signatures make it slightly better. At least you can go from OK to vulnerable by downloading the same thing as an hour ago. But if you upgrade then yeah.
This and MCP, IoT all the things, vibe coding, AI impersonation for social attacks and cryptocurrency rewards it's a golden age for criminal hackers!