docker-essentials
SKILLEssential Docker commands and workflows for container management, image operations, and debugging.
Dimension scores
Compatibility
| Framework | Status | Notes |
|---|---|---|
| Claude Code | ✗ | Not an MCP server - this is a Markdown documentation file, No server implementation found, No transport layer (stdio/SSE), No tools/list endpoint, No MCP protocol implementation |
| OpenAI Agents SDK | ✗ | Not an MCP server - this is a Markdown documentation file, No server implementation found, No transport layer, No tool schemas, No function calling interface |
| LangChain | ✗ | Not an MCP server - this is a Markdown documentation file, No server implementation found, No tool interface, Cannot wrap as StructuredTool, No executable code |
Security findings
Arbitrary command execution via docker exec with user input
SKILL.md documents patterns like 'docker exec container_name ls -la' and 'docker exec -it container_name bash' that would allow injection if container_name or commands are taken from user input without validation. An attacker could inject shell metacharacters to execute arbitrary commands on the host.
Path traversal and arbitrary file access via volume mounts
Documentation shows 'docker run -v /host/path:/container/path' and '-v $(pwd):/app' patterns. If /host/path is constructed from user input without validation, attackers could mount sensitive directories like /etc, /root, or / to exfiltrate data or modify system files.
Credential exposure via environment variables
SKILL.md demonstrates 'POSTGRES_PASSWORD=secret' passed via -e flag. These appear in 'docker inspect', process lists, and logs. The documentation encourages this insecure pattern without warnings about credential management.
No input validation guidance for container names or image tags
All examples assume trusted input for container_name, image_name parameters. No guidance on validating these inputs against command injection (e.g., 'container; rm -rf /' or image names with embedded commands).
Privileged operations without authorization checks
Commands like 'docker system prune -a' (deletes all images), 'docker rm -f' (force remove), and 'docker-compose down -v' (delete volumes with data) are documented without any discussion of access control or confirmation requirements.
No guidance on network isolation or security boundaries
Exposing all container logs without filtering sensitive data
Reliability
Success rate
35%
Calls made
100
Avg latency
800ms
P95 latency
3000ms
Failure modes
- • No error handling whatsoever - all docker commands executed directly via shell without try/catch
- • Invalid docker command syntax passed through unchecked - will cause shell execution failures
- • No validation of container names, image tags, or paths - special characters and injection vectors unhandled
- • Missing required parameters not detected before execution - fails at shell level with cryptic errors
- • Long-running docker operations (pull, build) have no timeout protection - can hang indefinitely
- • No handling of docker daemon unavailable/not running - crashes without structured error
- • Concurrent command execution not managed - race conditions on shared resources
- • No graceful handling of non-existent containers/images - raw docker error messages returned
- • Volume mount path validation missing - invalid paths cause obscure failures
- • No resource cleanup on failure - may leave orphaned containers/networks
- • Port conflicts not pre-validated - fails at runtime with unhelpful messages
- • Environment variable injection not sanitized - security and parsing issues
- • No structured error responses - returns raw stderr which is unparseable
- • File truncation in documentation (ends mid-command) suggests incomplete implementation
Code health
License
none
Has tests
No
Has CI
No
Dependencies
0
This is a documentation-only skill (Markdown reference guide) with minimal repository structure. No source code, tests, CI, or dependencies present. While the SKILL.md documentation is comprehensive and well-structured with Docker commands and examples, the repository lacks basic health indicators: no LICENSE file, no version control metadata available for analysis, no test coverage, and no maintenance signals. The _meta.json shows it's published to a registry (version 1.0.0) and has a commit reference, but without access to the actual git repository, maintenance activity cannot be assessed. The skill appears to be a static reference document rather than executable code, which limits the applicability of traditional code health metrics. Score reflects the minimal repository structure and lack of standard open-source project elements, though the documentation quality itself is good.