Will It Vibe logoWill It Vibe?
K8S-004High severity-15 points

Container runs as root (runAsUser: 0)

Part of Security, which counts for 30% of the overall score. When this check fires it deducts 15 points from that category, once per scan, no matter how many places it turns up.

What it detects

securityContext.runAsUser: 0 runs the container process as root, so a breakout is root on the node.

Why it matters

runAsUser: 0 explicitly runs the container process as root. That undoes the protection of running unprivileged and means any container escape starts with root on the node. Most applications run fine as a normal user once file permissions are set correctly.

How to fix it

Change runAsUser to a non-zero UID (1000 is a common choice) and set runAsNonRoot: true. Update the image if needed so the application owns the directories it writes to. For images that hardcode root, rebuild with a dedicated non-root user and correct ownership.

The paid report includes a ready-to-paste prompt for your AI coding agent for every check it finds, pointed at the exact findings from your scan. See pricing

Does your repo trip this check?

Paste a GitHub URL or drop a project folder. Scans run in your browser and take seconds.

Scan your repo

Related Security checks