Skill

auditing

Use when checking Docker configuration for security gaps, performance issues, or production readiness problems in Dockerfile or docker-compose.yml

npx claudepluginhub jugrajsingh/skillgarden --plugin dockercraft

Tool Access

This skill is limited to using the following tools:

ReadGlobGrepTaskAskUserQuestion

Preview

Comprehensive audit of Dockerfile and docker-compose.yml against best practices.

Supporting Assets

references/audit-checks.md

SKILL.md

Similar Skills

memory-forensics

33.0k

Acquire memory dumps from live systems/VMs and analyze with Volatility 3 for processes, networks, DLLs, injections in incident response or malware hunts.

reverse-engineering

binary-analysis-patterns

33.0k

Provides x86-64/ARM disassembly patterns, calling conventions, control flow recognition for static analysis of executables and compiled binaries.

reverse-engineering

anti-reversing-techniques

33.0k

Identifies anti-debugging checks like IsDebuggerPresent, NtQueryInformationProcess in Windows binaries; suggests bypasses via patches/hooks/scripts for malware analysis, CTFs, authorized RE.

1 file

reverse-engineering

Stats

Parent Repo Stars0

Parent Repo Forks0

Last CommitMar 26, 2026

Actions

View Source View Plugin View on GitHub View README

Audit Docker Configuration

Comprehensive audit of Dockerfile and docker-compose.yml against best practices.

Checks

Read references/audit-checks.md for the full checklist. Four categories:

Security - Non-root USER, no secrets in ENV/ARG, pinned base images, no --privileged, .dockerignore
Performance - Multi-stage builds, deps before source, cache mounts, minimal base image
Production Readiness - HEALTHCHECK, exec form CMD, PID 1 handling, restart policy, resource limits
Compose - Named networks/volumes, health conditions, no hardcoded secrets

Workflow

1. Find Docker Files

Glob: Dockerfile, Dockerfile.*, docker-compose*.yml, docker-compose*.yaml, .dockerignore

2. Run Checks

For each file found, evaluate all relevant checks.

3. Dispatch Reviewer Agent

For detailed Dockerfile analysis, dispatch the dockerfile-reviewer agent:

Task: dockerfile-reviewer agent
Input: Dockerfile path and optional compose path
Output: Structured review with severity levels

4. Generate Report

Use the audit-report.md template. Fill in:

Security checks with pass/fail/partial indicators
Performance checks
Production readiness checks
Compose checks (if applicable)
Findings with file:line references
Recommendations by priority

5. Ask About Fixes

After presenting the report, ask via AskUserQuestion:

"Fix all issues" - Apply automatic fixes where possible
"Fix critical only" - Only security and production issues
"Report only" - No changes

Priority Classification

Priority	Criteria
High	Security: root user, secrets in image, no .dockerignore
Medium	Performance: no multi-stage, no cache mounts, large base image
Low	Production: missing HEALTHCHECK, shell form CMD, no resource limits