2

    docker-compose-linter

    by Zicheng Liao

    Enforce security, reliability, and deployment best practices for Docker Compose files.

    Updated May 2026
    0 installs

    Free

    One-time purchase

    Included in download

    • Downloadable skill package
    • 2 permissions declared
    • Instant install

    See it in action

    A real example of what this skill takes in and produces.

    Sample output

    🔴 CRITICAL - Hardcoded secret: DB_PASSWORD on line 12. Move to env_file or Docker secrets. 🟡 WARNING - Image 'redis:latest' is unpinned. Recommend: redis:7.2-alpine. 🟡 WARNING - Missing healthcheck for service 'api'. Add a healthcheck to ensure service readiness. ✅ PASS - Resource limits defined.

    About This Skill

    What it does

    This skill provides a comprehensive security and reliability audit for Docker Compose configurations. It scans docker-compose.yml and compose.yaml files to detect misconfigurations that lead to security vulnerabilities, performance bottlenecks, and deployment failures.

    Why use this skill

    Manual review of infrastructure-as-code is error-prone. This skill automates a 14-point quality gate that is more rigorous than standard YAML validation. While basic AI prompts might catch syntax errors, this skill enforces industry best practices like non-root execution, resource capping, image pinning, and network isolation that are often overlooked by developers focused on "just making it work."

    What it covers

    • Security Audit: Detects hardcoded secrets, privileged mode, dangerous capabilities, and exposed database ports.
    • Reliability: Validates healthchecks, restart policies, and ensures resource limits are defined to prevent host exhaustion.
    • Architecture: Recommends internal networking for backend services and image pinning to specific tags (no :latest).
    • Modern Standards: Flags deprecated version fields and recommends service_healthy conditions for dependencies.

    Output Format

    The skill generates a categorized report with 🔴 CRITICAL, 🟡 WARNING, and ✅ PASS indicators, providing line-specific locations and clear remediation steps for every finding.

    Use Cases

    • Detect and remediate hardcoded secrets in environment variables
    • Implement CPU and memory limits to prevent container resource exhaustion
    • Secure internal databases by removing unnecessary host port mappings
    • Modernize compose files by removing deprecated fields and pinning image tags

    Reviews

    No reviews yet - be the first to share your experience.

    Only users who have downloaded or purchased this skill can leave a review.

    Security Scanned

    Passed automated security review

    Permissions

    Terminal / Shell
    Network Access

    File Scopes

    docker-compose-linter/**

    Tags

    docker-compose
    devops
    security-audit_4
    infrastructure-as-code
    containers

    Creator

    Zicheng Liao

    Frequently Asked Questions

    Learn More About AI Agent Skills

    More Premium Skills

    software-architect

    A structured framework for planning, reviewing, and evolving complex software systems with explicit trade-offs.

    $52 installs

    designing-hybrid-context-layers

    Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.

    $1012 installs

    consumer-motivation-analyzer

    Go beyond surface-level feedback to uncover the psychological drivers and hidden motivations behind buyer behavior.

    $199 installs

    keyword-research

    Transform URLs or product lists into SEO keyword research packs with Google Ads data and intent-based clustering.

    $77 installs

    Free