aiskillstore/docker-optimizer
skills/crazydubya/docker-optimizer/SKILL.md
Reviews Dockerfiles for best practices, security issues, and image size optimizations including multi-stage builds and layer caching. Use when working with Docker, containers, or deployment.
$ install --global
skillsauthnpx skillsauth add aiskillstore/marketplace docker-optimizerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 31, 2026, 6:14 PM66.3s3 files scanned
SKILL.md
- name:
- docker-optimizer
- description:
- Reviews Dockerfiles for best practices, security issues, and image size optimizations including multi-stage builds and layer caching. Use when working with Docker, containers, or deployment.
- allowed-tools:
- Read, Grep, Glob, Write, Edit
Docker Optimizer
Analyzes and optimizes Dockerfiles for performance, security, and best practices.
When to Use
- User working with Docker or containers
- Dockerfile optimization needed
- Container image too large
- User mentions "Docker", "container", "image size", or "deployment"
Instructions
1. Find Dockerfiles
Search for: Dockerfile, Dockerfile.*, *.dockerfile
2. Check Best Practices
Use specific base image versions:
# Bad
FROM node:latest
# Good
FROM node:18-alpine
Minimize layers:
# Bad
RUN apt-get update
RUN apt-get install -y curl
RUN apt-get install -y git
# Good
RUN apt-get update && \
apt-get install -y curl git && \
rm -rf /var/lib/apt/lists/*
Order instructions by change frequency:
# Dependencies change less than code
COPY package*.json ./
RUN npm install
COPY . .
Use .dockerignore:
node_modules
.git
.env
*.md
3. Multi-Stage Builds
Reduce final image size:
# Build stage
FROM node:18 AS build
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build
# Production stage
FROM node:18-alpine
WORKDIR /app
COPY --from=build /app/dist ./dist
COPY --from=build /app/node_modules ./node_modules
CMD ["node", "dist/index.js"]
4. Security Issues
Don't run as root:
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
USER appuser
No secrets in image:
# Bad: Hardcoded secret
ENV API_KEY=secret123
# Good: Use build args or runtime env
ARG BUILD_ENV
ENV NODE_ENV=${BUILD_ENV}
Scan for vulnerabilities:
docker scan image:tag
trivy image image:tag
5. Size Optimization
Use Alpine images:
node:18-alpinevsnode:18(900MB → 170MB)python:3.11-alpinevspython:3.11(900MB → 50MB)
Remove unnecessary files:
RUN npm install --production && \
npm cache clean --force
Use specific COPY:
# Bad: Copies everything
COPY . .
# Good: Copy only what's needed
COPY package*.json ./
COPY src ./src
6. Caching Strategy
Layer caching optimization:
# Install dependencies first (cached if package.json unchanged)
COPY package*.json ./
RUN npm install
# Copy source (changes more frequently)
COPY . .
RUN npm run build
7. Health Checks
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD node healthcheck.js
8. Generate Optimized Dockerfile
Provide improved version with:
- Multi-stage build
- Appropriate base image
- Security improvements
- Layer optimization
- Build caching
- .dockerignore file
9. Build Commands
Efficient build:
# Use BuildKit
DOCKER_BUILDKIT=1 docker build -t app:latest .
# Build with cache from registry
docker build --cache-from myregistry/app:latest -t app:latest .
10. Dockerfile Checklist
- [ ] Specific base image tag (not
latest) - [ ] Multi-stage build if applicable
- [ ] Non-root user
- [ ] Minimal layers (combined RUN commands)
- [ ] .dockerignore present
- [ ] No secrets in image
- [ ] Proper layer ordering for caching
- [ ] Alpine or slim variant used
- [ ] Cleanup in same RUN layer
- [ ] HEALTHCHECK defined
Security Best Practices
- Scan images regularly
- Use official base images
- Keep base images updated
- Minimize attack surface (fewer packages)
- Run as non-root user
- Use read-only filesystem where possible
Supporting Files
templates/Dockerfile.optimized: Optimized multi-stage Dockerfile exampletemplates/.dockerignore: Common .dockerignore patterns
Related Skills
aiskillstore/hig-components-content
development
VerifiedTrustedCommunity
Apple Human Interface Guidelines for content display components. Use this skill when the user asks about charts component, collection view, image view, web view, color well, image well, activity view, lockup, data visualization, content display, displaying images, rendering web content, color pickers, or presenting collections of items in Apple apps. Also use when the user says how should I display charts, what's the best way to show images, should I use a web view, how do I build a grid of items, what component shows media, or how do I present a share sheet. Cross-references: hig-foundations for color/typography/accessibility, hig-patterns for data visualization patterns, hig-components-layout for structural containers, hig-platforms for platform-specific component behavior.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/helpdesk-automation
tools
VerifiedTrustedCommunity
Automate HelpDesk tasks via Rube MCP (Composio): list tickets, manage views, use canned responses, and configure custom fields. Always search tools first for current schemas.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/haskell-pro
testing
VerifiedTrustedCommunity
Expert Haskell engineer specializing in advanced type systems, pure functional design, and high-reliability software. Use PROACTIVELY for type-level programming, concurrency, and architecture guidance.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/graphql
tools
VerifiedTrustedCommunity
GraphQL gives clients exactly the data they need - no more, no less. One endpoint, typed schema, introspection. But the flexibility that makes it powerful also makes it dangerous. Without proper controls, clients can craft queries that bring down your server. This skill covers schema design, resolvers, DataLoader for N+1 prevention, federation for microservices, and client integration with Apollo/urql. Key insight: GraphQL is a contract. The schema is the API documentation. Design it carefully.
244SKILL.mdUpdated Apr 10, 2026