HackerOne bug report to GitLab: GitLab-Runner, when running on Windows with a docker
executor, is vulnerable to Command Injection via the DOCKER_AUTH_CONFIG
build variable. Injected commands are executed on the container host, not within a Docker container, as such could compromise all future builds which are executed by the runner.