Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
How this skill is triggered — by the user, by Claude, or both
Slash command
/hatch3r:hatch3r-cli-dockerThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
<!-- HATCH3R-CLI-SKILL-GENERATED v1 -->
Daemonless, rootless OCI container engine (Docker alternative). Forks per-pod processes directly under the invoking user without a privileged daemon; suited for hardened CI workers.
Guides Docker usage: debugging container failures, writing Dockerfiles, docker-compose for integration tests, image optimization, volumes, multi-stage builds, and deployments.
Docker and Podman container management: Dockerfile optimization, multi-stage builds, Compose v2 orchestration, networking, volumes, security hardening, supply chain integrity, health checks, resource limits, Quadlet systemd integration, and debugging. Invoke whenever task involves any interaction with containers — writing Dockerfiles, configuring Compose, managing Podman Quadlets, reviewing container security, debugging container issues, or setting up image signing and scanning.
Share bugs, ideas, or general feedback.
Container runtime and CLI
Reach for docker when the task is in the container category and the agent would otherwise call an MCP tool or read large outputs into context.
CLI tools return structured stdout that fits in <1KB for typical queries; equivalent MCP calls regularly exceed 10KB. Reference: Anthropic engineering (Nov 4 2025) — code-execution-over-MCP yields 98.7% token reduction.
docker build -t myapp:dev .
Build a local tag from the cwd Dockerfile; layer cache hits keep rebuilds under a second.
docker run --rm -v "$PWD":/app -w /app node:22 npm test
Run a one-shot test container with the host repo mounted — no image rebuild, no leftover container.
docker compose up -d --build
Bring up the multi-service stack from docker-compose.yml in the background, rebuilding stale images.
docker run --rm -e DEBUG=1 myapp:dev sh -c 'env | sort'
Inspect the runtime environment a container actually sees; useful for diagnosing missing env vars.
docker inspect myapp:dev --format '{{.Config.Cmd}} {{.Config.Entrypoint}}'
Extract a single image setting via Go template — avoids piping 10KB of JSON to jq.
docker ps --format '{{.ID}} {{.Names}} {{.Status}}' --filter status=running
Compact running-container summary; one line per container, easy to grep.
container-use provides that without a long-running daemon.kubectl/helm; docker run does not understand cluster semantics.podman and rootless containers — prefer it for security; the CLI surface is nearly identical.| Tool | When to prefer |
|---|---|
podman | Want rootless containers and a daemonless model. |
container-use | Need lightweight per-agent isolation; no service orchestration. |
nerdctl | Existing containerd installation; do not need Docker Desktop. |
Verify with:
command -v docker
Install (mac):
# brew
brew install --cask docker
Homepage: https://docs.docker.com/get-docker/