overthinkos/docker-ce
ov-layers/skills/docker-ce/SKILL.md
Docker CE engine with buildx and compose plugins from the official Docker repository. Use when working with Docker, container builds, or Docker Compose.
tools
Updated Apr 24, 2026
$ install --global
skillsauthnpx skillsauth add overthinkos/overthink-plugins docker-ceInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 24, 2026, 2:44 PM187.2s1 file scanned
SKILL.md
- name:
- docker-ce
- description:
- |
docker-ce -- Docker CE engine and plugins
Layer Properties
| Property | Value |
|----------|-------|
| Install files | layer.yml, tasks: |
Packages
RPM (from docker-ce-stable repo): containerd.io, docker-buildx-plugin, docker-ce, docker-ce-cli, docker-compose-plugin
Cross-distro coverage
rpm: (Fedora — Docker's yum repo), pac: (Arch — docker metapackage from extra), deb: — via distro-version tag sections debian:13: and ubuntu:24.04: because the upstream apt repo URL differs per distro codename (https://download.docker.com/linux/debian trixie vs .../ubuntu noble). Each tag section declares its own repos: block with the correct URL + GPG key; packages (docker-ce, docker-ce-cli, containerd.io, docker-buildx-plugin, docker-compose-plugin) are identical. See /ov:layer "distro-version tag sections".
Usage
# image.yml
my-image:
layers:
- docker-ce
Used In Images
bazzite-ai(disabled)
Related Layers
/ov-layers:container-nesting— Alternative podman-based nested container support/ov-layers:kubernetes— Sibling kubectl/Helm commonly paired with docker-ce/ov-layers:github-actions— Sibling layer needing a container engine for act runs
Related Commands
/ov:build— Build the bootc image including docker-ce packages/ov:vm— Run the bootc image as a VM to test the docker engine
When to Use This Skill
Use when the user asks about:
- Docker CE inside containers
- Docker buildx or compose plugins
- The
docker-celayer or Docker repository setup
Related
/ov:test— declarative testing (tests:block,ov image test,ov test)
Related Skills
overthinkos/charly
tools
VerifiedTrustedCommunity
OpenCharly CLI (charly) binary installed into container/VM images for in-container use. Use when working with charly binary deployment inside containers, native D-Bus support, or the full charly toolchain (charly binary + virtualization + gocryptfs + socat).
SKILL.mdUpdated Jun 10, 2026
overthinkos/charly-cachyos
development
VerifiedTrustedCommunity
Operator CachyOS workstation profile — a kind:local template + target:local deploy that installs the full dev stack (30 candies) onto a CachyOS host via ShellExecutor. Lives in the overthinkos/cachyos submodule. MUST be invoked before editing or applying the charly-cachyos workstation profile.
SKILL.mdUpdated Jun 10, 2026
overthinkos/charly-fedora
tools
VerifiedTrustedCommunity
Fedora box with the full charly toolchain using shared candies. Rootless-first — runs as uid=1000 with passwordless sudo (no root, no cap_add: ALL). Same candy list as charly-arch. Includes NVIDIA GPU runtime. MUST be invoked before building, deploying, configuring, or troubleshooting the charly-fedora box.
SKILL.mdUpdated Jun 10, 2026
overthinkos/charly-arch
tools
VerifiedTrustedCommunity
Arch Linux box with the full charly toolchain. Rootless-first — runs as uid=1000 with passwordless sudo (no root, no cap_add: ALL). Composes /charly-coder:charly-mcp so the box is reachable as an MCP gateway on port 18765. NVIDIA GPU runtime composed in. MUST be invoked before building, deploying, configuring, or troubleshooting the charly-arch box.
SKILL.mdUpdated Jun 10, 2026