Dockerfile Hardener

    by Timoranjes

    1

    A security auditor that identifies Docker vulnerabilities, scores configurations, and generates hardened replacements.

    Free

    1 installNo reviews yet

    Works with the AI tools you already use

    CClaude CodeCCursorCCodex CLIGGitHub CopilotGGemini CLIVVS CodeWWindsurf+15 more

    About this skill

    What it does

    The Dockerfile Hardener is a specialized security auditor designed to analyze container configurations for vulnerabilities, anti-patterns, and compliance issues. It performs a deep-dive scan into image selection, layer optimization, secret handling, and runtime hardening parameters.

    Why use this skill

    Vulnerable Docker images are a primary entry point for container escapes and supply chain attacks. Standard prompting often fails to catch subtle issues like SUID binaries, cache-busting anti-patterns, or unpinned dependencies. This skill uses a rigorous, multi-point scoring system to evaluate your Dockerfile against industry-standard hardening benchmarks.

    What you get

    • Security Audit Report: A detailed breakdown of CRITICAL to LOW severity findings with line numbers and specific remediation steps.
    • Hardening Score: A letter grade (A-F) based on a 100-point security assessment.
    • Refactored Dockerfile: A fully rewritten, production-ready replacement utilizing multi-stage builds, non-root users, and BuildKit optimizations.
    • CI/CD Snippets: Ready-to-use configurations for GitHub Actions and GitLab CI.

    Supported Protocols & Tools

    The skill follows OCI standards and supports standard Dockerfiles, OCI-compliant images, and integrations with linters like Hadolint. It covers ecosystems including Node.js, Python, Go, and Java via Alpine, Distroless, and Debian-slim base images.

    Details

    How to install

    Drop the file into your AI Agent. Works with Claude, Cursor, ChatGPT, and 20+ more.

    Reviews

    No reviews yet - be the first to share your experience.

    Only users who have downloaded or purchased this skill can leave a review.

    Security Scanned

    Passed automated security review

    Permissions

    Terminal / Shell
    Network Access

    Allowed Hosts

    github.com

    File Scopes

    dockerfile-hardener/**

    Creator

    Frequently Asked Questions

    Browse More Skills

    Free