← Back to Skills Marketplace
2306
Downloads
1
Stars
11
Active Installs
1
Versions
Install in OpenClaw
/install moltbot-docker
Description
Enables the bot to manage Docker containers, images, and stacks.
Usage Guidance
This skill appears to do what it says (manage Docker), but there are practical and security gaps you should address before installing:
- Verify the runtime: the SKILL.md expects the docker CLI and access to Docker daemon (e.g., /var/run/docker.sock). Confirm whether your agent environment actually provides Docker and whether the socket is exposed. Access to the Docker daemon is equivalent to root on the host — treat it as highly sensitive.
- Ask the skill author (or registry) to fix the metadata inconsistency (declare docker as a required binary) and to document whether it intends to use a local Docker socket or a remote/limited API.
- Restrict where this skill runs: if possible, run it in an isolated sandbox or against a remote Docker endpoint with least privilege rather than exposing the host Docker socket.
- Consider disabling autonomous invocation or require explicit user confirmations for destructive operations (rm, rmi, system prune) — the SKILL.md already recommends this but enforce it in the agent config.
- Be cautious about logs/inspect output: container logs and inspect can contain secrets or private data. Treat any data the skill returns as potentially sensitive.
If you can't confirm the environment and the author, test the skill in a disposable VM/container first or decline installation.
Capability Analysis
Type: OpenClaw Skill
Name: moltbot-docker
Version: 1.0.0
The skill requests access to the `docker` binary, a powerful tool that, when executed, often operates with elevated privileges (e.g., as root or in the docker group). While the `SKILL.md` instructions list legitimate Docker management commands and even include safety rules for destructive actions, the inherent capability to execute arbitrary `docker` commands (including `docker inspect` which can reveal sensitive container configurations) represents a significant risk. This falls under 'risky capabilities without clear malicious intent' as it provides a powerful attack surface for potential privilege escalation or host compromise if the agent or the underlying Docker daemon is exploited, even though the skill itself does not explicitly instruct malicious behavior.
Capability Assessment
Purpose & Capability
SKILL.md clearly implements a Docker manager (running docker ps, logs, inspect, rm, rmi, system prune). However, the registry metadata for the skill lists no required binaries while the skill header declares bins: ["docker"] — that's an inconsistency that should be clarified.
Instruction Scope
The runtime instructions are narrowly focused on Docker commands and include sensible safety rules (ask before rm/rmi/prune). They do instruct the agent to run docker logs/inspect which can expose sensitive container output (environment variables, secrets, files) and may leak data if transmitted. The instructions do not reference unrelated files or credentials.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest installation risk. Nothing is written to disk by the skill itself.
Credentials
The skill declares no required environment variables or credentials, which is fine. However, practical use requires access to the Docker CLI and to the Docker daemon (typically via /var/run/docker.sock or equivalent API). That socket grants effectively root-level control over the host; the SKILL.md does not mention this or recommend running against a restricted/remote Docker endpoint.
Persistence & Privilege
always:false and no install actions — the skill does not request permanent presence or modify other skills. Note: model invocation is allowed (agent can run autonomously) by default; combined with Docker daemon access, autonomous actions could have high impact, so consider limiting autonomy or requiring explicit confirmations.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install moltbot-docker - After installation, invoke the skill by name or use
/moltbot-docker - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of Docker Manager skill.
- Manage Docker containers, images, and stacks via built-in Docker commands.
- Provides command templates for common container and image operations.
- Includes safety rules to confirm critical or destructive actions.
- Guides troubleshooting with log and inspect commands.
Metadata
Frequently Asked Questions
What is MoltDocker?
Enables the bot to manage Docker containers, images, and stacks. It is an AI Agent Skill for Claude Code / OpenClaw, with 2306 downloads so far.
How do I install MoltDocker?
Run "/install moltbot-docker" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is MoltDocker free?
Yes, MoltDocker is completely free (open-source). You can download, install and use it at no cost.
Which platforms does MoltDocker support?
MoltDocker is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created MoltDocker?
It is built and maintained by mkrdiop (@mkrdiop); the current version is v1.0.0.
More Skills