Can it fix existing Dockerfiles automatically?

Yes, by using the --fix flag, the skill can automatically update base images, add HEALTHCHECK instructions, and refactor Dockerfiles into secure, multi-stage formats.

What security standards does this skill enforce?

The skill mandates the use of non-root users, multi-stage builds to exclude build tools from production, and minimal base images like Alpine or Slim to reduce the attack surface.

Does it support multi-platform builds?

Yes, it configures workflows to support linux/amd64 and linux/arm64, ensuring compatibility across local development on Apple Silicon and various cloud server architectures.

How does it handle container scanning?

It integrates vulnerability scanners like Trivy or Grype directly into your CI/CD pipeline, flagging high-severity issues before images are pushed to a registry.

Container Infrastructure Configurator

Name: Container Infrastructure Configurator
Author: laurigates

bylaurigates

•

デプロイメントとDevOps

Audits and configures secure, production-grade container environments with optimized builds and automated vulnerability scanning.

The configure-container skill provides a comprehensive framework for managing container lifecycles within your development workflow. It automates the implementation of industry best practices, including multi-stage builds, non-root user enforcement, and minimal base image selection for Node.js, Python, Go, and Rust. Beyond Dockerfiles, it configures CI/CD workflows for multi-platform builds, integrates Trivy/Grype security scanning, and ensures OCI-compliant metadata labeling for registries like GHCR.

主な機能

01Configures GitHub Actions for multi-platform (ARM/AMD64) builds and caching

02Integrates automated vulnerability scanning using Trivy or Grype

03Automates multi-stage Dockerfile generation for minimal image sizes

0410 GitHub stars

05Enforces non-root execution and security hardening standards

06Standardizes .dockerignore and OCI labels for better registry management

ユースケース

01Setting up automated container build and push pipelines for GitHub Container Registry

02Auditing project repositories for containerization best practices and outdated base images

03Hardening legacy Dockerfiles to meet modern security and compliance standards

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add laurigates/claude-plugins configure-container

For use in Claude.ai and ChatGPT

Download Skill