← 返回 Skills 市场
krishnakumarmahadevan-cmd

Docker Hardening

作者 ToolWeb · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
95
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install toolweb-docker-hardening
功能描述
Professional Docker security configuration generator aligned with CIS Benchmark v1.8.0 standards.
安全使用建议
This skill appears to be a front-end for an external API that generates hardened Docker configs. Before installing or invoking it, confirm whether the agent will send your Dockerfiles, deployment manifests, or other sensitive configuration to the external hosts listed (toolweb.in / api.mkkpro.com). Ask the publisher whether authentication is required and whether sent data is stored or logged; review the service's privacy/terms. Because the skill metadata does not declare required credentials or server endpoints, treat network calls as potential exfiltration paths — test using non-sensitive sample data first, prefer an on-prem/self-hosted alternative if you must keep configs private, and verify the publisher identity (domains and RapidAPI profile) before use.
功能分析
Type: OpenClaw Skill Name: toolweb-docker-hardening Version: 1.0.0 The skill bundle is a professional API wrapper for a Docker security hardening service (toolweb.in/mkkpro.com). It provides an OpenAPI specification and documentation for generating CIS Benchmark-compliant Docker configurations. The files (SKILL.md, openapi.json) contain no evidence of malicious intent, data exfiltration, or prompt injection, and the requested parameters (sessionId, userId) are consistent with the stated purpose of usage tracking and multi-tenancy.
能力评估
Purpose & Capability
Name and description match the provided SKILL.md and openapi.json: the skill is an API-style generator for Docker hardening artifacts. No required binaries or system access are declared, which is consistent if the implementation is an external service. However, the SKILL.md repeatedly references external API hosts and commercial plans (toolweb.in / api.mkkpro.com) while the package declares no required credentials or servers — a mild mismatch between claimed hosted-API behavior and manifest metadata.
Instruction Scope
Runtime instructions and examples are limited to generating configuration files and describing API endpoints. The SKILL.md does not instruct the agent to read local files, environment variables, or system config, nor to exfiltrate unrelated data. It provides example request/response shapes and endpoint routes only.
Install Mechanism
Instruction-only skill with no install spec and no code files to write to disk. This is low-risk from an installation-perspective — nothing is downloaded or executed locally by the skill package itself.
Credentials
The documentation and openapi reference external endpoints and a paid/free pricing model, yet the skill metadata declares no required environment variables, no primary credential, and the openapi.json lacks server URL entries. If the agent will call api.mkkpro.com or portal.toolweb.in, those calls may require API keys, auth, or will transmit potentially sensitive container configuration data. The absence of any declared credential requirement (or explicit statement that the API is unauthenticated) is an inconsistency and a potential privacy/operational concern.
Persistence & Privilege
always is false and there is no install-time persistence. The skill does not request to modify other skills or system-wide agent settings. Autonomous invocation is allowed (default) but not combined with other high privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install toolweb-docker-hardening
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /toolweb-docker-hardening 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of Docker Security Hardening Tool v1.0.0 - Launches a professional API to generate CIS Docker Benchmark v1.8.0–compliant security configurations. - Supports generation of hardened Dockerfiles, docker-compose files, and security policy documents. - Includes endpoints for option discovery, configuration generation, and service health checks. - Outputs applied policies, compliance scores, and actionable security recommendations. - Flexible API parameters for tailored security options and audit-ready tracking.
元数据
Slug toolweb-docker-hardening
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Docker Hardening 是什么?

Professional Docker security configuration generator aligned with CIS Benchmark v1.8.0 standards. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 95 次。

如何安装 Docker Hardening?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install toolweb-docker-hardening」即可一键安装,无需额外配置。

Docker Hardening 是免费的吗?

是的,Docker Hardening 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Docker Hardening 支持哪些平台?

Docker Hardening 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Docker Hardening?

由 ToolWeb(@krishnakumarmahadevan-cmd)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论