skills/cosmix/claude-loom/loom-docker/Gen Agent Trust Hub

loom-docker

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides extensive documentation and actionable advice on container security, including image hardening, minimizing attack surfaces with Distroless/Alpine images, and dropping unnecessary Linux capabilities.
  • [SAFE]: Secret management practices are properly addressed, instructing the agent to use build-time secrets and external secret managers instead of hardcoding credentials in Dockerfiles or environment variables.
  • [SAFE]: All included Dockerfile and Docker Compose examples demonstrate optimized build patterns, including proper layer ordering and multi-stage builds to minimize image size and complexity.
  • [SAFE]: External references and tool recommendations (e.g., Trivy, Grype, and Hadolint) point to well-known and trusted security vendors and official repositories.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 11:40 AM