Can I use this for Docker image forensic analysis?

Yes, it provides commands to extract image layers, analyze container history, and search for embedded secrets using tools like 'dive' or standard CLI utilities.

Does it support Kubernetes security assessments?

Absolutely. It includes techniques for service account token enumeration, API access testing, and checking for overly permissive RBAC settings.

Can this skill identify specific Docker misconfigurations?

Yes, it specifically scans for common risks like the Docker socket being mounted, privileged flag usage, excessive capabilities (CAP_SYS_ADMIN), and insecure host network modes.

What kind of escape techniques are included?

It covers a wide range of escapes including cgroup abuse, privileged container mounting, Docker socket hijacking, and exploiting known runtime vulnerabilities like CVE-2019-5736.

Container Security & Escape Expert

Name: Container Security & Escape Expert
Author: trilwu

bytrilwu

0•

Seguridad y Pruebas

Conducts deep security assessments and penetration tests for Docker and Kubernetes environments to identify and exploit vulnerabilities.

The Container Security & Escape skill empowers Claude to act as a specialized security researcher for containerized environments. It provides structured methodologies for environment detection, misconfiguration auditing, and advanced escape techniques such as Docker socket abuse and Kubernetes API exploitation. By integrating best practices from the security community, this skill enables users to proactively identify excessive capabilities, insecure mounts, and RBAC flaws, ensuring that containerized infrastructure is both resilient and properly hardened against breakout attempts.

Características Principales

01Kubernetes API enumeration and RBAC privilege escalation

02Automated detection of container types and kernel capabilities

03Comprehensive Docker escape techniques for privileged containers

04Deep analysis of Docker images for secrets and sensitive data

05Identification of common misconfigurations in container runtimes

060 GitHub stars

Casos de Uso

01Performing authorized penetration tests on Docker or Kubernetes clusters

02Auditing container configurations for excessive privileges or insecure mounts

03Analyzing container images for accidentally exposed credentials and keys

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add trilwu/secskills container-security

For use in Claude.ai and ChatGPT

Características Principales

01Kubernetes API enumeration and RBAC privilege escalation

02Automated detection of container types and kernel capabilities

03Comprehensive Docker escape techniques for privileged containers

04Deep analysis of Docker images for secrets and sensitive data

05Identification of common misconfigurations in container runtimes

060 GitHub stars

Casos de Uso

01Performing authorized penetration tests on Docker or Kubernetes clusters

02Auditing container configurations for excessive privileges or insecure mounts

03Analyzing container images for accidentally exposed credentials and keys

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add trilwu/secskills container-security

For use in Claude.ai and ChatGPT