Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

Ascend/ascend-docker

Name: ascend-docker
Author: Ascend

skills/ascend-docker/SKILL.md

npx skillsauth add Ascend/agent-skills ascend-docker

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Ascend Docker Container

Create Docker containers configured for Huawei Ascend NPU development.

Quick Start

# Privileged mode (default, auto-detect all devices)
./scripts/run-ascend-container.sh <image> <container_name>

# Basic mode with specific devices
./scripts/run-ascend-container.sh <image> <container_name> --mode basic

# Full mode with selected devices
./scripts/run-ascend-container.sh <image> <container_name> --mode full --device-list "0,1,2,3"

Device Selection

The script auto-detects available NPU devices from /dev/davinci*. Use --device-list to select specific devices:

# Use all detected devices (default)
./scripts/run-ascend-container.sh <image> <container_name>

# Use specific devices
./scripts/run-ascend-container.sh <image> <container_name> --device-list "0,1,2,3"

# Use device range
./scripts/run-ascend-container.sh <image> <container_name> --device-list "0-3"

# Combine ranges and individual devices
./scripts/run-ascend-container.sh <image> <container_name> --device-list "0-3,7,10-11"

Check available devices:

ls /dev/davinci* | grep -oE 'davinci[0-9]+$'

Container Modes

1. Privileged Mode (Default)

Maximum permissions, suitable when no specific requirements.

docker run -itd --privileged --name=<CONTAINER_NAME> --ipc=host --net=host \
  --device=/dev/davinci_manager \
  --device=/dev/devmm_svm \
  --device=/dev/hisi_hdc \
  -v /usr/local/sbin:/usr/local/sbin:ro \
  -v /usr/local/Ascend/driver:/usr/local/Ascend/driver:ro \
  -v /home:/home \
  -w /home \
  <IMAGE> \
  /bin/bash

2. Basic Mode

Specific device mapping with network host, for inference workloads.

docker run -itd --net=host \
  --name=<CONTAINER_NAME> \
  --device=/dev/davinci_manager \
  --device=/dev/hisi_hdc \
  --device=/dev/devmm_svm \
  --device=/dev/davinci0 \
  --device=/dev/davinci1 \
  ... \
  -v /usr/local/Ascend/driver:/usr/local/Ascend/driver:ro \
  -v /usr/local/sbin:/usr/local/sbin:ro \
  -v /etc/localtime:/etc/localtime \
  -v /home:/home \
  <IMAGE> \
  /bin/bash

3. Full Mode

With profiling, logging, dump, and add-ons support.

docker run -itd --ipc=host \
  --name=<CONTAINER_NAME> \
  --device=/dev/davinci_manager \
  --device=/dev/devmm_svm \
  --device=/dev/hisi_hdc \
  --device=/dev/davinci0 \
  --device=/dev/davinci1 \
  ... \
  -v /usr/local/Ascend/driver:/usr/local/Ascend/driver \
  -v /usr/local/Ascend/add-ons/:/usr/local/Ascend/add-ons/ \
  -v /usr/local/sbin/npu-smi:/usr/local/sbin/npu-smi \
  -v /usr/local/sbin/:/usr/local/sbin/ \
  -v /var/log/npu/conf/slog/slog.conf:/var/log/npu/conf/slog/slog.conf \
  -v /var/log/npu/slog/:/var/log/npu/slog \
  -v /var/log/npu/profiling/:/var/log/npu/profiling \
  -v /var/log/npu/dump/:/var/log/npu/dump \
  -v /var/log/npu/:/usr/slog \
  -v /etc/localtime:/etc/localtime \
  -v /home:/home \
  <IMAGE> \
  /bin/bash

Mode Comparison

| Feature | Privileged | Basic | Full | |---------|------------|-------|------| | Network mode | host | host | - | | IPC mode | host | - | host | | Device access | All (via privileged) | Selected devices | Selected devices | | Profiling support | ✓ | ✗ | ✓ | | Dump support | ✓ | ✗ | ✓ | | Logging (slog) | ✓ | ✗ | ✓ | | Security | Lowest | Higher | Higher |

Device Parameters

| Device | Purpose | |--------|---------| | /dev/davinci_manager | NPU device manager | | /dev/devmm_svm | Device memory management | | /dev/hisi_hdc | HDC communication device | | /dev/davinci<N> | Individual NPU devices (0, 1, 2, ...) |

Volume Parameters

| Volume | Purpose | |--------|---------| | /usr/local/Ascend/driver | Ascend driver libraries | | /usr/local/sbin | NPU management tools (npu-smi) | | /usr/local/Ascend/add-ons | Additional Ascend components | | /var/log/npu/slog | System logs | | /var/log/npu/profiling | Profiling data | | /var/log/npu/dump | Dump data | | /etc/localtime | Timezone sync | | /home | User workspace |

Common Images

ascendhub.huawei.com/public-ascendhub/ascend-pytorch:24.0.RC1
ascendhub.huawei.com/public-ascendhub/ascend-mindspore:24.0.RC1
ascendhub.huawei.com/public-ascendhub/ascend-toolkit:24.0.RC1

Container Management

docker exec -it <container_name> bash
docker stop <container_name>
docker start <container_name>
docker rm -f <container_name>

Post-Setup

For self-built images, configure environment variables:

echo 'source /usr/local/Ascend/ascend-toolkit/set_env.sh' >> ~/.bashrc
source ~/.bashrc

Official References

Ascend Docker Guide

Ascend/ascend-docker

skills/ascend-docker/SKILL.md

Create Docker containers for Huawei Ascend NPU development with proper device mappings and volume mounts. Use when setting up Ascend development environments in Docker, running CANN applications in containers, or creating isolated NPU development workspaces. Supports privileged mode (default), basic mode, and full mode with profiling/logging. Auto-detects available NPU devices.

5 stars

development

Updated Apr 22, 2026

$ install --global

skillsauth

npx skillsauth add Ascend/agent-skills ascend-docker

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 22, 2026, 9:59 PM191.5s2 files scanned

SKILL.md

name:: ascend-docker
description:: Create Docker containers for Huawei Ascend NPU development with proper device mappings and volume mounts. Use when setting up Ascend development environments in Docker, running CANN applications in containers, or creating isolated NPU development workspaces. Supports privileged mode (default), basic mode, and full mode with profiling/logging. Auto-detects available NPU devices.

Ascend Docker Container

Create Docker containers configured for Huawei Ascend NPU development.

Quick Start

# Privileged mode (default, auto-detect all devices)
./scripts/run-ascend-container.sh <image> <container_name>

# Basic mode with specific devices
./scripts/run-ascend-container.sh <image> <container_name> --mode basic

# Full mode with selected devices
./scripts/run-ascend-container.sh <image> <container_name> --mode full --device-list "0,1,2,3"

Device Selection

The script auto-detects available NPU devices from /dev/davinci*. Use --device-list to select specific devices:

# Use all detected devices (default)
./scripts/run-ascend-container.sh <image> <container_name>

# Use specific devices
./scripts/run-ascend-container.sh <image> <container_name> --device-list "0,1,2,3"

# Use device range
./scripts/run-ascend-container.sh <image> <container_name> --device-list "0-3"

# Combine ranges and individual devices
./scripts/run-ascend-container.sh <image> <container_name> --device-list "0-3,7,10-11"

Check available devices:

ls /dev/davinci* | grep -oE 'davinci[0-9]+$'

Container Modes

1. Privileged Mode (Default)

Maximum permissions, suitable when no specific requirements.

docker run -itd --privileged --name=<CONTAINER_NAME> --ipc=host --net=host \
  --device=/dev/davinci_manager \
  --device=/dev/devmm_svm \
  --device=/dev/hisi_hdc \
  -v /usr/local/sbin:/usr/local/sbin:ro \
  -v /usr/local/Ascend/driver:/usr/local/Ascend/driver:ro \
  -v /home:/home \
  -w /home \
  <IMAGE> \
  /bin/bash

2. Basic Mode

Specific device mapping with network host, for inference workloads.

docker run -itd --net=host \
  --name=<CONTAINER_NAME> \
  --device=/dev/davinci_manager \
  --device=/dev/hisi_hdc \
  --device=/dev/devmm_svm \
  --device=/dev/davinci0 \
  --device=/dev/davinci1 \
  ... \
  -v /usr/local/Ascend/driver:/usr/local/Ascend/driver:ro \
  -v /usr/local/sbin:/usr/local/sbin:ro \
  -v /etc/localtime:/etc/localtime \
  -v /home:/home \
  <IMAGE> \
  /bin/bash

3. Full Mode

With profiling, logging, dump, and add-ons support.

docker run -itd --ipc=host \
  --name=<CONTAINER_NAME> \
  --device=/dev/davinci_manager \
  --device=/dev/devmm_svm \
  --device=/dev/hisi_hdc \
  --device=/dev/davinci0 \
  --device=/dev/davinci1 \
  ... \
  -v /usr/local/Ascend/driver:/usr/local/Ascend/driver \
  -v /usr/local/Ascend/add-ons/:/usr/local/Ascend/add-ons/ \
  -v /usr/local/sbin/npu-smi:/usr/local/sbin/npu-smi \
  -v /usr/local/sbin/:/usr/local/sbin/ \
  -v /var/log/npu/conf/slog/slog.conf:/var/log/npu/conf/slog/slog.conf \
  -v /var/log/npu/slog/:/var/log/npu/slog \
  -v /var/log/npu/profiling/:/var/log/npu/profiling \
  -v /var/log/npu/dump/:/var/log/npu/dump \
  -v /var/log/npu/:/usr/slog \
  -v /etc/localtime:/etc/localtime \
  -v /home:/home \
  <IMAGE> \
  /bin/bash

Mode Comparison

Device Parameters

Volume Parameters

Common Images

ascendhub.huawei.com/public-ascendhub/ascend-pytorch:24.0.RC1
ascendhub.huawei.com/public-ascendhub/ascend-mindspore:24.0.RC1
ascendhub.huawei.com/public-ascendhub/ascend-toolkit:24.0.RC1

Container Management

docker exec -it <container_name> bash
docker stop <container_name>
docker start <container_name>
docker rm -f <container_name>

Post-Setup

For self-built images, configure environment variables:

echo 'source /usr/local/Ascend/ascend-toolkit/set_env.sh' >> ~/.bashrc
source ~/.bashrc

Official References

Ascend Docker Guide

Related Skills

Ascend/k8s-check-fix

testing

VerifiedTrustedCommunity

Kubernetes 集群健康检查与安全修复 — 诊断问题，用户确认后执行修复

13SKILL.mdUpdated May 8, 2026

Ascend/cann-nnal-installer

tools

VerifiedTrustedCommunity

昇腾NPU CANN Toolkit+Kernels+NNAL安装部署技能。支持从官网下载run包安装和从Docker镜像提取两种方式，覆盖驱动检查、包下载、安装、环境变量配置与验证全流程。当用户需要安装CANN全套组件或指定版本CANN到自定义路径时调用。

13SKILL.mdUpdated May 8, 2026

Ascend/cann-nnal-installer

Ascend/atb-testframework-build

development

VerifiedTrustedCommunity

编译 ATB (Ascend Transformer Boost) 测试框架。当用户需要编译 ATB 测试框架、运行 CSV 测试、或构建 atb_test_framework 时调用。支持全量编译（含第三方依赖克隆与源替换）和增量编译两种模式。需在 Docker 容器内配合 CANN 环境执行。

13SKILL.mdUpdated May 7, 2026

Ascend/atb-testframework-build

Ascend/atb-ops-to-aclnn-migration-workflow

databases

VerifiedTrustedCommunity

ATB OPS→ACLNN 迁移标准化工作流主模板。整合前置学习、设计文档生成、CSV用例设计、实际迁移、编译验证、测试验证全流程，提供明确的阶段 Gates 和用户确认机制。

13SKILL.mdUpdated May 7, 2026

Ascend/atb-ops-to-aclnn-migration-workflow

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/Ascend/agent-skills.git

# Copy into Claude Code skills folder (global)
cp -r agent-skills/skills/ascend-docker ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

Ascend/agent-skills

5 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT