Avoid trusting keys from a remote http webserver
to prevent adversaries injecting code.

Also reduce the number of RUN calls to have fewer layers. I heard, this is recommended (for better performance?)