
Docker Eng

Author: mikeclaw007 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 127 · Favorites: 0 · Current installs: 0 · Versions: 1
Install in OpenClaw
/install docker-eng
Description
Deep Docker workflow—image design, multi-stage builds, security, runtime config, health checks, and operations. Use when containerizing apps, hardening image...
Usage instructions (SKILL.md)

Docker Eng — Deep Workflow

Containers package applications with their dependencies. Optimize for small, reproducible images and clear runtime contracts—not “SSH into a mini VM.”

When to Offer This Workflow

Trigger conditions:

  • Authoring Dockerfiles for apps or CI
  • CVEs in base images; accidental secrets in layers
  • Slow builds or oversized images pushing registry costs

Initial offer:

Use six stages: (1) base image & supply chain, (2) Dockerfile structure, (3) runtime config & secrets, (4) security hardening, (5) health & observability, (6) ops & debugging. Confirm registry and orchestrator (Kubernetes, ECS, etc.).


Stage 1: Base Image & Supply Chain

Goal: Pin tags or digests; prefer minimal bases (distroless, slim) when compatible.

Practices

  • Scan images regularly (Trivy, Grype); track SBOM where required

Stage 2: Dockerfile Structure

Goal: Multi-stage builds: compile in builder, copy only artifacts to runtime; order layers for cache hits (dependency manifests before source).

Practices

  • Maintain a robust .dockerignore (exclude secrets, build artifacts, VCS noise)

Stage 3: Runtime Config & Secrets

Goal: Configuration via environment variables; secrets injected at runtime (K8s secrets, IAM, vault)—never COPY real secrets into the image.


Stage 4: Security Hardening

Goal: Run as non-root; read-only filesystem where possible; minimal packages in final image; avoid leaking build tools in production.


Stage 5: Health & Observability

Goal: HEALTHCHECK or orchestrator probes match real readiness (dependencies up); logs to stdout/stderr in structured form.


Stage 6: Ops & Debugging

Goal: Tag images with git SHA; document how to exec/debug (or use debug sidecars for distroless).


Final Review Checklist

  • Base image pinned and scanned
  • Multi-stage build; minimal runtime layer
  • No secrets in layers
  • Non-root and least privilege
  • Health/readiness aligned with app
  • .dockerignore and reproducible builds
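
The checklist above, expressed as a heuristic Dockerfile review (an added example, not part of the skill or its author's code). The two sample Dockerfiles are constructed, `<digest>` is a placeholder for a real image digest, and `healthcheck.js` is a hypothetical file.

```python
import re

SECRET_FILE = re.compile(r"(^|/)(\.env|id_rsa|id_ed25519|.*\.(pem|key))$", re.I)
SECRET_NAME = re.compile(r"PASSWORD|SECRET|TOKEN|API_?KEY", re.I)

def audit(dockerfile: str) -> list[str]:
    """Heuristic checklist review; assumes the base sets no USER and no probes exist."""
    findings, stages, aliases = [], [], set()
    for raw in re.sub(r"\\[ \t]*\n", " ", dockerfile).splitlines():  # join continuations
        op, _, rest = raw.strip().partition(" ")
        op, args = op.upper(), [a for a in rest.split() if not a.startswith("--")]
        if op == "FROM" and args:
            image = args[0]
            tag = image.rsplit("/", 1)[-1].partition(":")[2]
            # Earlier stage names and scratch need no pin; else want a digest or fixed tag.
            if image not in aliases | {"scratch"} and "@sha256:" not in image and tag in ("", "latest"):
                findings.append(f"unpinned base: {image}")
            aliases.update(args[2:3])  # stage name from "FROM image AS name"
            stages.append({"user": "root", "health": False})
        elif op == "USER" and args and stages:
            stages[-1]["user"] = args[0]
        elif op == "HEALTHCHECK" and stages:
            stages[-1]["health"] = args[:1] != ["NONE"]
        elif op in ("COPY", "ADD"):
            findings += [f"secret file copied: {s}" for s in args[:-1] if SECRET_FILE.search(s)]
        elif op in ("ENV", "ARG"):
            keys = [a.split("=")[0] for a in args if "=" in a] or args[:1]
            findings += [f"secret in {op}: {k}" for k in keys if SECRET_NAME.search(k)]
    last = stages[-1] if stages else {"user": "root", "health": False}
    checks = [(len(stages) < 2, "single-stage build"),
              (last["user"].split(":")[0] in ("root", "0"), "final stage runs as root"),
              (not last["health"], "no HEALTHCHECK in final stage")]
    return findings + [msg for failed, msg in checks if failed]

# Constructed samples; <digest> is a placeholder, not a real digest.
WEAK = """FROM node
COPY .env package.json ./
ENV API_TOKEN=changeme
COPY . .
"""
HARDENED = """FROM node:20-slim@sha256:<digest> AS build
COPY package.json package-lock.json ./
RUN npm ci
COPY . .
FROM gcr.io/distroless/nodejs20-debian12@sha256:<digest>
COPY --from=build /app /app
USER nonroot
HEALTHCHECK CMD ["/nodejs/bin/node", "/app/healthcheck.js"]
"""
```

`audit(WEAK)` reports all six problems and `audit(HARDENED)` reports none; a scanner such as Trivy or Grype is still needed for CVEs in the base image itself.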

Tips for Effective Guidance

  • Explain layer caching order—why COPY package.json before COPY . matters.
  • Distroless images: no shell—use ephemeral debug containers or sidecars.

Handling Deviations

  • Windows containers: different paths and base images—validate separately.
Safe usage advice
This skill is instruction-only and appears coherent with its Docker-focused purpose. Before installing or letting an agent act on its advice: (1) remember the skill may recommend using external tools (Trivy/Grype, SBOM generators, Vault, kubectl) — only grant registry/kube/Vault credentials when strictly necessary and to trusted agents; (2) review any concrete shell commands the agent proposes before running them; (3) if you allow autonomous agent actions, limit the agent's ability to run arbitrary commands or access broad credentials; and (4) because the skill's source is unknown, prefer to use it as read-only guidance (follow recommendations manually or in a controlled CI environment) rather than giving it privileged access. If you want higher assurance, ask the publisher for provenance (homepage, source repo) or request a version that includes reproducible checks or signed release notes.
Functional analysis
Type: OpenClaw Skill · Name: docker-eng · Version: 1.0.0
The skill bundle consists of a metadata file and a markdown guide (SKILL.md) outlining industry best practices for Docker engineering. It provides constructive advice on multi-stage builds, security hardening (non-root users, secret management), and image optimization. There is no executable code, no external network calls, and no evidence of malicious intent or prompt injection.
Capability assessment
Purpose & Capability
The name/description (deep Docker workflow, hardening, build optimizations) matches the SKILL.md content. All recommended tools and practices (multi-stage builds, .dockerignore, Trivy/Grype, SBOMs, Vault, orchestrator probes) are relevant to containerization and image hardening; nothing requested is unrelated to the stated purpose.
Instruction Scope
The SKILL.md stays inside the scope of Docker/image workflows and checklists. It recommends scanning, non-root runtimes, healthchecks, tagging with git SHAs, etc. It does not instruct the agent to read arbitrary system files, exfiltrate data, or contact unexpected endpoints. It mentions external tools and secret managers only as recommended practices, not as required accesses.
Install Mechanism
No install spec and no code files are present. Because this is instruction-only, nothing will be downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. It references secrets management (Vault, K8s secrets) as best practice but does not request tokens or keys in the skill metadata.
Persistence & Privilege
always is false and the skill does not request permanent presence or modify other skills or system-wide settings. Autonomous model invocation is enabled by default on the platform but that is normal and not a unique risk here.
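How to use
  1. Make sure OpenClaw is installed (locally or deployed with Docker)
  2. Enter the install command in the chat box: /install docker-eng
  3. Once installation completes, call the Skill by name or trigger it with /docker-eng
  4. Provide the inputs described in the Skill's parameter notes to get structured output
Version history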
v1.0.0
docker-eng 1.0.0 — initial release

  • Provides a comprehensive Docker workflow covering image design, multi-stage builds, security, runtime configuration, health checks, and operational debugging.
  • Offers guidance for containerizing applications, hardening images, and troubleshooting container behavior in CI and production.
  • Defines six practical workflow stages: base image selection, Dockerfile structuring, runtime config & secrets, security hardening, health/observability, and ops/debugging.
  • Includes a detailed checklist and key tips for best practices and handling special cases like distroless and Windows containers.
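Metadata
Slug: docker-eng
Version: 1.0.0
License: MIT-0
Total installs: 0
Current installs: 0
Historical versions: 1
FAQ

What is Docker Eng?

Deep Docker workflow—image design, multi-stage builds, security, runtime config, health checks, and operations. Use when containerizing apps, hardening image... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 127 total downloads so far.

How do I install Docker Eng?

Run the command "/install docker-eng" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.

Is Docker Eng free?

Yes, Docker Eng is completely free and is released under the MIT-0 license; it can be freely downloaded, installed, and used.

Which platforms does Docker Eng support?

Docker Eng runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Docker Eng?

It is developed and maintained by mikeclaw007 (@mikeclaw007); the current version is v1.0.0.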
