michsindlinger/specwright/templates/skills/devops/docker-github
specwright/templates/skills/devops/docker-github/SKILL.md
DevOps patterns for Docker and GitHub Actions for [PROJECT_NAME]
$ install --global
skillsauthnpx skillsauth add michsindlinger/specwright specwright/templates/skills/devops/docker-githubInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 24, 2026, 9:01 PM1.8s1 file scanned
SKILL.md
- description:
- DevOps patterns for Docker and GitHub Actions for [PROJECT_NAME]
- alwaysApply:
- false
DevOps Skill (Docker + GitHub Actions)
Project: [PROJECT_NAME] Stack: Docker, GitHub Actions Generated: [DATE]
Quick Reference
Docker
- Multi-stage builds for smaller images
- Use .dockerignore
- Don't run as root
- Pin base image versions
GitHub Actions
- Use reusable workflows
- Cache dependencies
- Use environment secrets
- Matrix builds for multiple versions
Available Modules
| Module | File | Use When | |--------|------|----------| | Docker Patterns | docker.md | Containerization | | CI/CD Pipelines | ci-cd.md | GitHub Actions | | Dos and Don'ts | dos-and-donts.md | Project learnings |
Project Context
Tech Stack
<!-- Extracted from specwright/product/tech-stack.md -->- Container Runtime: [CONTAINER_RUNTIME]
- CI/CD: [CI_CD_PLATFORM]
- Cloud Provider: [CLOUD_PROVIDER]
- Registry: [CONTAINER_REGISTRY]
Infrastructure Patterns
<!-- Extracted from specwright/product/architecture-decision.md -->Deployment Strategy: [DEPLOYMENT_STRATEGY]
Environment Management: [ENVIRONMENT_MANAGEMENT]
Secrets Management: [SECRETS_MANAGEMENT]
Project Structure
<!-- Extracted from specwright/product/architecture-structure.md -->[INFRA_STRUCTURE]
Self-Learning
→ Füge Erkenntnisse zu dos-and-donts.md hinzu.
Related Skills
michsindlinger/session-handoff
tools
VerifiedTrustedCommunity
Session Handoff: Erstellt eine vollständige Zusammenfassung der aktuellen Session für einen sauberen Kontextwechsel. NUR bei explizitem Aufruf (/session-handoff). NICHT automatisch auslösen. Geeignet wenn der User die Session resetten will, den Kontext aufräumen will, oder bei ~120k Tokens angelangt ist.
1SKILL.mdUpdated Jun 5, 2026
michsindlinger/pre-mortem
development
VerifiedTrustedCommunity
Pre-Mortem Risk Analysis: Strukturierte Prospective-Hindsight-Übung um launch-blocking Risiken vor Commitment aufzudecken. Team stellt sich vor, das Produkt sei 14 Tage nach Launch gefloppt, und arbeitet rückwärts. Klassifiziert Risiken in Tigers (echt), Paper Tigers (hypothetisch), Elephants (unausgesprochen). Nutze diesen Skill vor Build-Commitment, bei zu hoher Stakeholder-Confidence, vor Major-Releases, oder wenn das Team vage Sorgen nicht artikulieren kann. Trigger: /pre-mortem, 'pre-mortem', 'risk analysis', 'was könnte schiefgehen', 'risiken vor launch'.
1SKILL.mdUpdated Jun 5, 2026
michsindlinger/specwright/templates/skills/atomicity-validator
testing
VerifiedTrustedCommunity
Six-Sigma Atomicity Validator for create-spec stories
1SKILL.mdUpdated May 21, 2026
michsindlinger/specwright/templates/skills/ux-patterns-definition
tools
VerifiedTrustedCommunity
UX pattern definition guidance for navigation, user flows, interactions, and accessibility
1SKILL.mdUpdated Apr 17, 2026