From oh-my-claudecode
Review Dockerfile, docker-compose, and container configuration for security, performance, and best practices
How this skill is triggered — by the user, by Claude, or both
Slash command
/oh-my-claudecode:docker-reviewThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Review container configurations for security, performance, image size optimization, and production best practices.
Review container configurations for security, performance, image size optimization, and production best practices.
This skill activates when:
Delegates to the ops-engineer agent (Opus model) with container-specific review criteria:
Dockerfile Best Practices
Security
Performance & Size
docker-compose Configuration
Production Readiness
Task(
subagent_type="oh-my-claudecode:ops-engineer",
model="opus",
prompt="DOCKER REVIEW TASK
Review Dockerfile and container configuration for security, performance, and production readiness.
Scope: [Dockerfile, docker-compose.yml, or k8s manifests]
Review Checklist:
1. Multi-stage build usage
2. Security (non-root, no secrets in image, pinned versions)
3. Image size optimization
4. docker-compose service configuration
5. Health checks and graceful shutdown
6. Resource limits and logging
Output: Docker review report with:
- Line-by-line Dockerfile assessment
- Security vulnerabilities found
- Image size optimization suggestions
- docker-compose configuration issues
- Production readiness checklist"
)
DOCKER REVIEW REPORT
====================
Image: myapp:latest
Base: node:20 → Recommendation: node:20-alpine
Estimated Size: ~1.2GB → Optimized: ~150MB
DOCKERFILE ANALYSIS
-------------------
Line 1: FROM node:20
⚠️ Use node:20-alpine for 10x smaller image
⚠️ Pin exact version: node:20.11.0-alpine
Line 5: COPY . .
❌ Copies everything including node_modules, .git, tests
Fix: Add .dockerignore or COPY package*.json first
Line 8: RUN npm install
⚠️ Use npm ci --only=production for reproducible builds
⚠️ Should be before COPY . . for layer caching
Line 12: USER root
❌ CRITICAL: Running as root in production
Fix: Add USER node or create custom non-root user
Line 15: (missing)
❌ No HEALTHCHECK instruction
Fix: HEALTHCHECK CMD curl -f http://localhost:3000/health || exit 1
SECURITY ISSUES
---------------
1. Running as root (CRITICAL)
2. Base image not pinned (MEDIUM)
3. No .dockerignore file (LOW)
DOCKER-COMPOSE ISSUES
-----------------------
1. No resource limits set (services.app)
Fix: deploy.resources.limits: { memory: 512M, cpus: '0.5' }
2. No health check in depends_on
Fix: depends_on: { db: { condition: service_healthy } }
3. Secrets in environment variables
Fix: Use Docker secrets or external vault
OPTIMIZED DOCKERFILE
--------------------
(Provides rewritten Dockerfile with all fixes applied)
RECOMMENDATION: Fix CRITICAL security issues before deployment.
Full Infrastructure Review:
/docker-review then /ops-check
Container + operational readiness review.
With Ralph:
/ralph docker-review then optimize Dockerfile
Review, fix, re-review until optimal.
npx claudepluginhub limzzum/oh-my-claudecodeCreates structured, bite-sized implementation plans from specs or requirements before writing code. Useful for breaking down multi-step tasks into testable steps with file structure and task boundaries.