diff --git a/yaml/transform/image.go b/yaml/transform/image.go
index 5caff74fd..a13a983cc 100644
--- a/yaml/transform/image.go
+++ b/yaml/transform/image.go
@@ -1,6 +1,7 @@
 package transform
 
 import (
+	"fmt"
 	"path/filepath"
 	"strings"
 
@@ -61,6 +62,9 @@ func ImageEscalate(conf *yaml.Config, patterns []string) error {
 	for _, c := range conf.Pipeline {
 		for _, pattern := range patterns {
 			if ok, _ := filepath.Match(pattern, c.Image); ok {
+				if len(c.Commands) != 0 {
+					return fmt.Errorf("Custom commands disabled for the %s plugin", c.Image)
+				}
 				c.Privileged = true
 			}
 		}
diff --git a/yaml/transform/image_test.go b/yaml/transform/image_test.go
index 67ff8dd0d..d5abbd6dc 100644
--- a/yaml/transform/image_test.go
+++ b/yaml/transform/image_test.go
@@ -89,6 +89,17 @@ func Test_escalate(t *testing.T) {
 			ImageEscalate(c, []string{"plugins/docker"})
 			g.Assert(c.Pipeline[0].Privileged).IsFalse()
 		})
+
+		g.It("should not escalate plugin with commands", func() {
+			c := newConfig(&yaml.Container{
+				Image:    "docker",
+				Commands: []string{"echo foo"},
+			})
+
+			err := ImageEscalate(c, []string{"docker"})
+			g.Assert(c.Pipeline[0].Privileged).IsFalse()
+			g.Assert(err.Error()).Equal("Custom commands disabled for the docker plugin")
+		})
 	})
 }