Container runs as root (runAsUser: 0)
Part of Security, which counts for 30% of the overall score. When this check fires it deducts 15 points from that category, once per scan, no matter how many places it turns up.
What it detects
securityContext.runAsUser: 0 runs the container process as root, so a breakout is root on the node.
Why it matters
runAsUser: 0 explicitly runs the container process as root. That undoes the protection of running unprivileged and means any container escape starts with root on the node. Most applications run fine as a normal user once file permissions are set correctly.
How to fix it
Change runAsUser to a non-zero UID (1000 is a common choice) and set runAsNonRoot: true. Update the image if needed so the application owns the directories it writes to. For images that hardcode root, rebuild with a dedicated non-root user and correct ownership.
The paid report includes a ready-to-paste prompt for your AI coding agent for every check it finds, pointed at the exact findings from your scan. See pricing
Does your repo trip this check?
Paste a GitHub URL or drop a project folder. Scans run in your browser and take seconds.
Scan your repo