← 返回 Skills 市场
ugvfpdcuwfnh

Docker Container Rerun

作者 HongWei Jiang · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
120
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install docker-container-rerun
功能描述
Safely check whether a Docker container's image has changed and, only when needed, recreate that docker run container with a user-provided original docker ru...
使用说明 (SKILL.md)

Docker Container Rerun

Update a docker run container with a conservative workflow.

Required Inputs

Require both of these from the user:

  • container_name
  • recreate_command

Treat recreate_command as the source of truth. Do not try to reconstruct missing flags from docker inspect.

Scope

Support only containers originally managed by docker run.

Do not use this skill for:

  • docker compose
  • guessing or synthesizing missing run flags
  • deleting volumes
  • docker system prune
  • changing environment variables, mounts, ports, labels, or networks unless the user explicitly changed the recreate command

Update Rule

Always compare image Id values, not repo digests.

Use this exact logic:

  1. Read current image Id from the running container: 
    docker inspect -f '{{.Image}}' \x3Ccontainer_name>
  2. Extract the image reference from recreate_command.
  3. Pull the latest version of that image: 
    docker pull \x3Cimage>
  4. Read the latest local image Id: 
    docker image inspect \x3Cimage> --format '{{.Id}}'
  5. Recreate the container only if the two Id values differ.

Safety Rules

Before any destructive action, restate the exact recreate command that will be used.

If recreate_command is missing, ambiguous, or not clearly a docker run command, stop and ask the user to provide a valid full command.

If the image cannot be extracted from recreate_command, stop and ask the user to provide the image explicitly inside the command.

Never silently modify the recreate command.

Prefer this sequence when update is needed:

docker stop \x3Ccontainer_name>
docker rm \x3Ccontainer_name>
\x3Crecreate_command>

Validation of recreate_command

Before using it, verify all of the following:

  • starts with docker run
  • includes an image name as the final image argument before any container command
  • clearly targets the same logical container the user wants updated

If the command includes an inline container command after the image, preserve it exactly.

If the command is multiline, preserve it exactly.

Recommended Execution Workflow

  1. Confirm the target container name.
  2. Echo back the exact recreate command.
  3. Extract the image from the recreate command.
  4. Compare current image Id and latest pulled image Id.
  5. If Ids match, report that the container is already up to date and do nothing else.
  6. If Ids differ:
    • run docker stop \x3Ccontainer_name>
    • run docker rm \x3Ccontainer_name>
    • run the exact recreate_command
  7. Verify startup with: 
    docker ps --filter name=\x3Ccontainer_name>
docker inspect \x3Ccontainer_name>
docker logs --tail 100 \x3Ccontainer_name>
  8. Report status clearly, including whether healthcheck is healthy, starting, or absent.

Bundled Script

Use the bundled script when you want a deterministic check/apply flow:

python3 scripts/update_docker_run_container.py \
  --container-name \x3Ccontainer_name> \
  --recreate-command '\x3Cfull docker run command>'

Add --apply only when the user has approved the exact recreate command and actual recreation should happen.

The script will:

  • validate recreate_command
  • extract the image
  • pull the latest image
  • compare current vs latest image Id
  • optionally stop/remove/recreate
  • emit JSON summary with container state, health status, and recent logs

Output Expectations

When reporting results, include:

  • target container name
  • extracted image name
  • current image Id
  • latest image Id
  • whether recreation was needed
  • post-recreate container state
  • health status if present
  • any obvious log errors seen in recent logs

Example Pattern

Input:

  • container_name: my-container
  • recreate_command: 
    docker run -d --network host --name my-container --restart unless-stopped -v example_data:/data -v example_certs:/etc/ssl/certs -e DB_HOST=\x3Cdb_host> -e DB_PORT=\x3Cdb_port> -e DB_NAME=\x3Cdb_name> -e DB_USER=\x3Cdb_user> -e DB_PASSWORD=\x3Cdb_password> --health-cmd="/bin/check-health" --health-interval=600s --health-retries=5 --health-timeout=3s example/image:latest

Expected behavior:

  • extract image example/image:latest
  • compare current container image Id vs pulled latest image Id
  • recreate only if the Ids differ
  • preserve the recreate command exactly

Notes

When users ask to "update container X", prefer asking for the original docker run command unless it is already documented in memory or provided in the current request.

If the user has a known fixed recreate command for a specific container, prefer using that exact command unchanged.

安全使用建议
This skill appears coherent and implements exactly what it claims: compare image Ids and optionally recreate a docker run container. Before using it, ensure you only provide trusted recreate_command strings (the script will execute the command via /bin/bash). Always confirm the exact recreate command and require --apply explicitly before the skill performs stop/rm/run. If you might receive recreate_command values from untrusted sources, do not allow automatic apply and manually inspect the command for unintended shell constructs or additional commands chained to it.
功能分析
Type: OpenClaw Skill Name: docker-container-rerun Version: 1.0.0 The skill bundle contains a Python script (scripts/update_docker_run_container.py) that executes a user-provided string via subprocess.run(shell=True). While the script attempts to validate that the command starts with 'docker run', this check is insufficient to prevent shell injection (e.g., via command chaining or subshells). This represents a critical security vulnerability that allows for arbitrary code execution on the host, although it appears to be a design flaw rather than an intentional backdoor, as the behavior aligns with the stated purpose of recreating Docker containers.
能力评估
Purpose & Capability
Name/description match the contained behavior. The script and SKILL.md only call docker commands and perform image Id comparison and optional recreate; no unrelated binaries, cloud credentials, or config paths are requested.
Instruction Scope
SKILL.md stays within scope (only docker run containers, explicit recreate_command, conservative actions). The bundled script implements the described workflow. Note: the script executes the provided recreate_command with shell=True (/bin/bash), which is necessary to run arbitrary docker run invocations but means the agent will run whatever shell constructs exist in the user-supplied command. The skill's docs explicitly require user confirmation before applying, which is the correct mitigator — ensure that confirmation is enforced.
Install Mechanism
No install spec; instruction-only skill with a bundled Python script. Nothing is downloaded or written during installation.
Credentials
No environment variables, credentials, or config paths are requested. All required inputs are user-provided (container_name and recreate_command), which is appropriate for the stated task.
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges or modify other skills. It runs only when invoked.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install docker-container-rerun
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /docker-container-rerun 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: safely compare docker image Ids and recreate docker run containers only when needed.
元数据
Slug docker-container-rerun
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Docker Container Rerun 是什么?

Safely check whether a Docker container's image has changed and, only when needed, recreate that docker run container with a user-provided original docker ru... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 120 次。

如何安装 Docker Container Rerun?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install docker-container-rerun」即可一键安装,无需额外配置。

Docker Container Rerun 是免费的吗?

是的,Docker Container Rerun 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Docker Container Rerun 支持哪些平台?

Docker Container Rerun 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Docker Container Rerun?

由 HongWei Jiang(@ugvfpdcuwfnh)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论