← 返回 Skills 市场
elston

Managing Docker containers via docker-socket-proxy

作者 elston · GitHub ↗ · v0.4.0 · MIT-0
cross-platform ⚠ suspicious
159
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install docker-ops
功能描述
Manage Docker containers securely via docker-socket-proxy: check status, logs, resource usage, and safely restart only whitelisted containers with cooldown.
使用说明 (SKILL.md)

docker-ops

Manage Docker containers: status reports, log analysis, and restarts via docker-socket-proxy.

Prerequisites

  • docker CLI available in PATH
  • jq available in PATH
  • DOCKER_HOST environment variable is pre-configured (do NOT override it manually)
  • whitelist.yml in the agent workspace root

Whitelist

Before any Docker command, check the SYSCTL_WHITELIST_PATH environment variable.

If SYSCTL_WHITELIST_PATH is NOT set or empty:

  • Do NOT run any Docker commands
  • Reply: "⚠️ SYSCTL_WHITELIST_PATH is not configured. Set this environment variable in the container to point to the whitelist YAML file."
  • This applies to ALL requests without exception

If set, read the whitelist file from that path. There is no fallback file.

Structure:

containers:
  - name: container_name
    description: "Human description"
    can_restart: true|false

Rules:

  • NEVER run Docker commands against containers not in the whitelist
  • NEVER restart containers where can_restart: false
  • If a requested container is not in the whitelist, respond: "Container \x3Cname> is not in the whitelist. Available: \x3Clist>"

Allowed Commands

You may ONLY use these Docker commands:

Command When
docker ps --format json List running containers
docker ps -a --format json List all containers (including stopped)
docker inspect \x3Cname> Get container details (status, uptime, restart count)
docker stats --no-stream --format json \x3Cname> Get resource usage (CPU, RAM, NET, BLOCK)
docker logs --since \x3Cperiod> --tail 500 \x3Cname> Read container logs
docker restart \x3Cname> Restart a container (explicit request only!)

Forbidden Commands

NEVER execute: docker rm, docker stop, docker kill, docker exec, docker run, docker pull, docker build, docker push, docker network, docker volume, docker image, docker system, docker compose.

Report Procedure

When asked for a status report:

Step 1: Parse the period

Convert user text to --since parameter:

  • "за последний час" / "last hour" → 1h
  • "за сегодня" / "today" → 24h
  • "за 30 минут" / "30 minutes" → 30m
  • "за неделю" / "last week" → 168h
  • No period specified → default 1h
  • Maximum: 168h (7 days). If user requests more — cap at 168h and inform them.

Step 2: Collect data

All docker commands must be wrapped with timeout 30 to prevent hanging.

# Status + uptime + restart count
timeout 30 docker inspect \x3Cname> | jq '.[0] | {Status: .State.Status, StartedAt: .State.StartedAt, RestartCount: .RestartCount, Health: .State.Health.Status}'

# Resource usage
timeout 30 docker stats --no-stream --format '{{json .}}' \x3Cname>

# Fetch logs once, then count errors and warnings locally
LOG_OUTPUT=$(timeout 30 docker logs --since \x3Cperiod> --tail 5000 \x3Cname> 2>&1)

# Error/warning count (quick stats)
echo "${LOG_OUTPUT}" | grep -ci 'error\|exception\|fatal\|traceback'
echo "${LOG_OUTPUT}" | grep -ci 'warn'

# Last errors (up to 10 unique)
echo "${LOG_OUTPUT}" | grep -i 'error\|exception\|fatal\|traceback' | sort -u | tail -10

Step 3: Sanitize output

Before displaying log fragments to users, mask sensitive patterns:

  • Tokens, API keys, Bearer headers
  • Database connection strings with credentials
  • Passwords, secrets in environment variable dumps

Replace with [REDACTED] where detected.

Step 4: Format response

Use this template (adapt to language of request):

\x3Cstatus_emoji> **\x3Ccontainer_name>**

**Status:** `running` (uptime: 2d 5h 13m)
**Restarts:** 0
**CPU:** 2.3% | **RAM:** 145MiB / 512MiB (28%)
**NET I/O:** 1.2MB / 340KB | **BLOCK I/O:** 12MB / 5MB

**Logs at last hour:**
- 🔴 Errors: 3
- ⚠️ Warnings: 12

**Last errors:**
• `ConnectionRefusedError: connect to postgres:5432`
• `TimeoutError: request took >30s`

**Recommendation:** Check access to PostgreSQL

Status emoji rules:

  • ✅ — running, 0 errors, low resource usage
  • ⚠️ — running but has warnings/errors, or high resource usage (>80% CPU/RAM)
  • 🔴 — stopped/restarting/exited, or critical errors

Restart Procedure

When asked to restart a container:

  1. Verify container is in whitelist AND can_restart: true
  2. Confirm the request is explicit (user said "restart", "перезапусти", "рестартни")
  3. Cooldown check: do not restart the same container more than once per 5 minutes. If repeated — warn and ask to confirm.
  4. Audit log: before executing, output: 
    [AUDIT] \x3CISO-timestamp> restart \x3Ccontainer_name> requested_by=\x3Cuser_id_if_available>
  5. Execute: timeout 30 docker restart \x3Cname>
  6. Wait and verify with retries: 
    for i in 1 2 3; do
  sleep 10
  STATUS=$(timeout 30 docker inspect \x3Cname> | jq -r '.[0].State.Status')
  if [ "${STATUS}" = "running" ]; then break; fi
done
  7. If running → report success with new status
  8. If not running after 30s → report failure with last 20 log lines: timeout 30 docker logs --tail 20 \x3Cname> 2>&1

Log Viewing

When asked to show logs:

  1. Verify container is in whitelist
  2. Apply --tail 500 limit always
  3. If user asks for filtered logs (errors only, etc.) — use grep
  4. For large output — summarize, don't dump raw
  5. Sanitize sensitive data before displaying (see Step 3 in Report Procedure)

Safety Notes

  • NEVER pass user input directly into shell commands as container names — only use exact matches from whitelist
  • Always use 2>&1 when piping docker logs (stderr contains the actual logs)
  • If DOCKER_HOST is not set, do NOT guess the address — report to user: "DOCKER_HOST is not configured. Set this environment variable to point to the docker-socket-proxy endpoint."
  • If docker command fails with connection error — report to user that docker-socket-proxy may be down
安全使用建议
This skill generally does what it says (read-only-ish Docker queries + controlled restarts), but I found several inconsistencies you should address before installing: - Metadata vs reality: The skill's metadata declares no required environment variables or binaries, but the instructions and script require DOCKER_HOST, SYSCTL_WHITELIST_PATH, docker, jq, timeout and a grep implementation that supports -P. Ask the author to declare these in the registry metadata so you can enforce them at install time. - Whitelist enforcement: The script enforces name membership but the repo lacks an implementation of the restart/cooldown/audit steps described in SKILL.md. Confirm that your agent will enforce those restart safeguards (including checking can_restart in the whitelist and enforcing cooldown/audit) before allowing restarts. - Log sanitization: SKILL.md promises masking of tokens, DB connection strings, etc., but scripts provided do not perform redaction — logs may contain secrets. Either require the maintainer to implement robust redaction or ensure the agent performs sanitization before displaying logs. - Binaries availability: The script uses timeout and grep -P; these are not guaranteed present in all environments. Verify these binaries exist in the runtime or update the script to avoid -P usage (which may be unsupported) and to fail more explicitly if required tools are missing. - Configuration clarity: SKILL.md inconsistently references 'whitelist.yml in workspace root' and SYSCTL_WHITELIST_PATH. Decide on one canonical mechanism (prefer SYSCTL_WHITELIST_PATH) and document it clearly. - Risk note: DOCKER_HOST points to a socket-proxy; if that proxy is misconfigured it could expose broader Docker control. Only use this skill if you trust the docker-socket-proxy configuration and the whitelist file contents. If you cannot validate the above (metadata corrections, sanitization implementation, restart protections, and the proxy configuration), treat installation as higher-risk. If you decide to proceed, require the author to fix metadata and implement log redaction and explicit restart/cooldown code (or ensure your agent enforces those rules).
功能分析
Type: OpenClaw Skill Name: docker-ops Version: 0.4.0 The docker-ops skill is a well-designed administrative tool for container management with multiple layers of security. It implements mandatory whitelisting via the SYSCTL_WHITELIST_PATH environment variable, restricts execution to a safe subset of Docker commands, and includes explicit instructions for the agent to redact sensitive data (tokens, passwords, DSNs) from logs and environment variables. The provided shell script (container-report.sh) includes robust input validation, such as regex-based time period checks and timeout-wrapped commands to prevent resource exhaustion or hanging.
能力评估
Purpose & Capability
The skill claims to manage Docker via a docker-socket-proxy and therefore legitimately needs access to DOCKER_HOST and the whitelist. However, the registry metadata lists no required environment variables or binaries, while SKILL.md and scripts clearly require DOCKER_HOST, SYSCTL_WHITELIST_PATH and binaries such as docker, jq, timeout, grep (with -P). This mismatch between declared requirements and actual needs is an incoherence the maintainer should fix.
Instruction Scope
SKILL.md scopes actions tightly (allowed/forbidden docker commands, whitelist checks, restart cooldown, audit log, sanitization). The included script enforces whitelist membership and period capping, but it does not implement promised log sanitization, and there is no restart implementation or cooldown/audit in code — those are expected to be enforced by the agent using the instructions. SKILL.md also inconsistently references both a workspace 'whitelist.yml' and SYSCTL_WHITELIST_PATH as required sources. The instructions to never pass user input to shell are good, but some operational details are ambiguous (where to obtain user_id for audit log).
Install Mechanism
There is no install spec (instruction-only with a small helper script). That is low risk from install-supply-chain perspective.
Credentials
The environment variables the skill requires in practice (DOCKER_HOST and SYSCTL_WHITELIST_PATH) are appropriate for its purpose — they control access to the docker-socket-proxy and to the whitelist. The metadata, though, declares none; that's a bookkeeping issue. There are no unrelated secret env vars requested. Note: DOCKER_HOST points to the socket-proxy and confers the privileges the proxy allows; ensure the proxy itself is correctly restricted.
Persistence & Privilege
The skill does not request persistent or global privileges (always: false). It does not modify other skills or system-wide settings in the files provided.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install docker-ops
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /docker-ops 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.4.0
- Added comprehensive whitelist and safety procedures: containers must be explicitly listed and allowed for operations. - Enforced use of the `SYSCTL_WHITELIST_PATH` environment variable before executing any Docker command. - Strictly limited commands to safe status, inspect, log retrieval, monitoring, and controlled restarts; forbidden dangerous Docker operations. - Introduced structured status report and log analysis workflow, including sensitive data redaction. - Established cooldown and auditing for restarts to prevent accidental or repeated operations. - Improved error handling and messaging for missing environment/configuration or denied actions.
元数据
Slug docker-ops
版本 0.4.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Managing Docker containers via docker-socket-proxy 是什么?

Manage Docker containers securely via docker-socket-proxy: check status, logs, resource usage, and safely restart only whitelisted containers with cooldown. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 159 次。

如何安装 Managing Docker containers via docker-socket-proxy?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install docker-ops」即可一键安装,无需额外配置。

Managing Docker containers via docker-socket-proxy 是免费的吗?

是的,Managing Docker containers via docker-socket-proxy 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Managing Docker containers via docker-socket-proxy 支持哪些平台?

Managing Docker containers via docker-socket-proxy 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Managing Docker containers via docker-socket-proxy?

由 elston(@elston)开发并维护,当前版本 v0.4.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论