docker-core-security


Quick Reference

Security Layers Overview

| Layer | Mechanism | Purpose |
|---|---|---|
| Image Supply Chain | Content trust, scanning, pinned digests | Verify image integrity and known vulnerabilities |
| Build-Time | Secrets mounts, multi-stage builds, .dockerignore | Prevent secrets leaking into image layers |
| Runtime Isolation | Namespaces, cgroups, seccomp, AppArmor | Kernel-level process and resource isolation |
| Least Privilege | Non-root USER, cap-drop ALL, read-only FS | Minimize attack surface inside the container |
| Resource Limits | Memory, CPU, PID limits | Prevent denial-of-service via resource exhaustion |
| Host Protection | Rootless Docker, no-new-privileges | Reduce daemon and container escape impact |
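As an added example (not part of this skill), the audit below checks `docker inspect` records against the Runtime Isolation, Least Privilege, Resource Limits and Host Protection rows of the table. It assumes the field names of real `docker inspect` output (`Config.User`, `HostConfig.CapDrop`, `HostConfig.SecurityOpt`, and so on); the two sample containers are constructed, not captured.

```python
"""Audit docker inspect records against the Least Privilege, Resource Limits
and Host Protection rows of the layers table (added example, not skill code)."""
import json

def audit_container(record: dict) -> list[str]:
    """Return findings for one inspect record; an empty list means it passes."""
    cfg, host = record.get("Config", {}), record.get("HostConfig", {})
    opts = host.get("SecurityOpt") or []
    findings = []
    # Least privilege: non-root USER, cap-drop ALL, read-only root filesystem
    if (cfg.get("User") or "").split(":")[0] in ("", "0", "root"):
        findings.append("runs as root (set USER or pass --user)")
    if "ALL" not in (host.get("CapDrop") or []):
        findings.append("capabilities not dropped (--cap-drop ALL)")
    if not host.get("ReadonlyRootfs"):
        findings.append("writable root filesystem (--read-only)")
    # Runtime isolation: the default seccomp profile must not be switched off
    if any(o.replace("=", ":") == "seccomp:unconfined" for o in opts):
        findings.append("seccomp disabled (seccomp=unconfined)")
    # Host protection: no privileged mode; no-new-privileges blocks setuid gains
    if host.get("Privileged"):
        findings.append("privileged container (drop --privileged)")
    if not any(o.split(":")[0] == "no-new-privileges" and not o.endswith(":false") for o in opts):
        findings.append("privilege escalation allowed (--security-opt no-new-privileges)")
    # Resource limits: 0 or null in inspect output means unlimited
    if not host.get("Memory"):
        findings.append("no memory limit (--memory)")
    if not host.get("PidsLimit"):
        findings.append("no PID limit (--pids-limit)")
    return findings

def audit_inspect_output(text: str) -> dict[str, list[str]]:
    """Map each container in a `docker inspect` JSON array to its findings."""
    return {r.get("Name", "?").lstrip("/"): audit_container(r) for r in json.loads(text)}

# Constructed sample in the shape of `docker inspect` output (not real data).
SAMPLE = """[
 {"Name": "/weak", "Config": {"User": ""},
  "HostConfig": {"Privileged": false, "CapDrop": [], "ReadonlyRootfs": false,
                 "SecurityOpt": ["seccomp=unconfined"], "Memory": 0, "PidsLimit": null}},
 {"Name": "/hardened", "Config": {"User": "10001:10001"},
  "HostConfig": {"Privileged": false, "CapDrop": ["ALL"], "ReadonlyRootfs": true,
                 "SecurityOpt": ["no-new-privileges:true"], "Memory": 268435456, "PidsLimit": 100}}
]"""

if __name__ == "__main__":
    for name, findings in audit_inspect_output(SAMPLE).items():
        print(f"{name}: {'OK' if not findings else '; '.join(findings)}")
```

On a live host, feed it `docker inspect $(docker ps -q)` instead of `SAMPLE`; the weak record above trips all seven checks while the hardened one passes clean.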

Minimum Viable Security (Quick-Start)

Apply these five settings to EVERY production container:

Installs: 2
GitHub Stars: 1
First Seen: Mar 27, 2026