← 返回 Skills 市场

Dockerignore Linter

Name: Dockerignore Linter
Author: charlie-morrison

作者 charlie-morrison · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ 安全检测通过

总下载

当前安装

版本数

在 OpenClaw 中安装

/install dockerignore-linter

功能描述

Lint, validate, and audit .dockerignore files for syntax issues, security risks, missing patterns, and optimization opportunities. Use when asked to lint, va...

使用说明 (SKILL.md)

Dockerignore Linter

Lint .dockerignore files for syntax issues, security risks, missing essential patterns, and optimization opportunities.

Commands

All commands use the bundled Python script at scripts/dockerignore_linter.py.

1. Lint a .dockerignore file

python3 scripts/dockerignore_linter.py lint \x3Cfile> [--strict] [--format text|json|markdown]

Run all validation rules.

2. Audit for security-sensitive files

python3 scripts/dockerignore_linter.py security \x3Cfile> [--format text|json|markdown]

Check if secrets, credentials, and sensitive files are properly excluded.

3. Suggest missing patterns

python3 scripts/dockerignore_linter.py suggest [--project-type node|python|go|rust|java|ruby|generic] [--format text|json]

Generate recommended .dockerignore patterns for a project type.

4. Analyze Docker build context

python3 scripts/dockerignore_linter.py context \x3Cdirectory> [--dockerignore \x3Cfile>] [--format text|json]

Show which files would be included in the Docker build context, with size breakdown.

Lint Rules (18 total)

Syntax (4 rules)

empty-file — .dockerignore is empty
invalid-pattern — Malformed glob pattern
duplicate-pattern — Same pattern appears twice
negation-conflict — Negation ! overrides a previous exclusion (likely unintended)

Security (6 rules)

missing-env — .env not excluded (may contain secrets)
missing-secrets — Common secret files not excluded (*.pem, *.key, id_rsa, etc.)
missing-git — .git directory not excluded (exposes history + credentials)
missing-credentials — Credential files not excluded (aws/credentials, .npmrc with tokens, etc.)
missing-docker — Docker-related files not excluded (docker-compose*.yml, Dockerfile*)
missing-ide — IDE config not excluded (.vscode, .idea, *.swp)

Optimization (4 rules)

missing-deps — Dependency directories not excluded (node_modules, pycache, vendor, target)
missing-build — Build output not excluded (dist, build, *.o, *.pyc)
missing-logs — Log files not excluded (*.log, logs/)
missing-test — Test data/coverage not excluded (coverage, .nyc_output, htmlcov)

Best Practices (4 rules)

too-broad — Pattern is overly broad (e.g., * without specific negations)
commented-pattern — Inline comment after pattern (not supported, treated as literal)
trailing-space — Pattern has trailing whitespace
readme-excluded — README/docs excluded (usually should be kept for reference)

Output Formats

Text, JSON, Markdown — same structure as other linters.

CI Integration

- name: Lint Dockerignore
  run: python3 scripts/dockerignore_linter.py lint .dockerignore --strict

Exit codes: 0 = clean, 1 = issues found.

安全使用建议

This skill appears to do what it says: it runs a local, pure-Python linter that inspects .dockerignore files and (optionally) enumerates the build context. Before running it, review the script if you're concerned, and avoid running it against sensitive root directories — the context analysis will enumerate file names and sizes from the directory you point it at, which could reveal sensitive filenames (expected behavior for this tool).

功能分析

Type: OpenClaw Skill Name: dockerignore-linter Version: 1.0.0 The skill is a legitimate utility for linting and auditing .dockerignore files. The core logic in `scripts/dockerignore_linter.py` performs syntax validation, security checks for sensitive files (like .env or .ssh), and build context size analysis using standard Python libraries. No evidence of data exfiltration, malicious execution, or prompt injection was found.

能力标签

cryptorequires-wallet

能力评估

✓ Purpose & Capability

Name/description match the included files and behavior: the SKILL.md directs use of the bundled Python script and the repository contains a stdlib-only linter that implements the listed rules and templates. No unrelated binaries, env vars, or cloud credentials are requested.

✓ Instruction Scope

Runtime instructions are limited to running the included script (lint, security, suggest, context). The script parses .dockerignore and inspects directory contents for context/size analysis — this is expected for the stated functionality and does not instruct network exfiltration or reading unrelated system config beyond files in the project context.

✓ Install Mechanism

No install spec; this is an instruction-only skill with bundled code. The script uses only Python stdlib (argparse, fnmatch, pathlib, etc.) so no external package downloads are required.

✓ Credentials

No environment variables, credentials, or protected config paths are requested. The linter looks for common sensitive filenames/patterns in the project tree (e.g., .env, .aws) — appropriate for security checks.

✓ Persistence & Privilege

The skill is not always-enabled and does not request any elevated platform privileges. It does not attempt to modify other skills or global agent configuration.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install dockerignore-linter
安装完成后，直接呼叫该 Skill 的名称或使用 /dockerignore-linter 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release

元数据

Slug dockerignore-linter

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题