dockerfile-generation
Dockerfile Generation Skill
Generate production-ready Dockerfiles through iterative verification.
Scope Constraints
- Read access to codebase for analysis; write access limited to Dockerfile and .dockerignore
- Executes
docker buildanddocker runfor verification only — no deployment or registry push - Does not modify application source code or dependency files
- Does not configure CI/CD pipelines — delegates to cicd-generation skill
Input Sanitization
- Base image names: alphanumeric, hyphens, dots, slashes, colons only — reject shell metacharacters and null bytes
- Port numbers: integers 1-65535 only
- File paths in COPY directives: reject
..traversal and null bytes
Core Principles
More from dtsong/my-claude-setup
web-security-hardening
Security audit checklist for web applications. Use when reviewing, auditing, or hardening a web app's security posture. Covers rate limiting, auth headers, IP blocking, CORS, security middleware, input validation, file upload limits, ORM usage, and password hashing. Triggers on requests like "review security", "harden this app", "security audit", "check for vulnerabilities", or when building/reviewing API endpoints.
26web-design-guidelines
Review UI code for Web Interface Guidelines compliance. Use when asked to "review my UI", "check accessibility", "audit design", "review UX", or "check my site against best practices".
8soc-security-skills
>
6tdd
>
3vercel-react-best-practices
React and Next.js performance optimization guidelines from Vercel Engineering. This skill should be used when writing, reviewing, or refactoring React/Next.js code to ensure optimal performance patterns. Triggers on tasks involving React components, Next.js pages, data fetching, bundle optimization, or performance improvements.
3workflow
Use when planning implementation steps, deciding commit format, or structuring development approach. Provides brainstorm-plan-implement flow with conventional commits. Triggers on 'how should I approach this', 'commit format'.
2