MCP HubMCP Hub
Back to Skills

container-hadolint

majiayu000
Updated 23 days ago
12 views
58
9
58
View on GitHub
Otherdockerhadolintdockerfilecontainer-securitycis-benchmarklintingci-cd

About

This Claude Skill performs automated security linting of Dockerfiles using Hadolint, checking against 100+ rules aligned with the CIS Docker Benchmark. It identifies security misconfigurations, hardcoded secrets, and anti-patterns to enforce best practices. Use it to integrate shift-left container security into development workflows and CI/CD pipelines.

Quick Install

Claude Code

Recommended
Primary
npx skills add majiayu000/claude-skill-registry -a claude-code
Plugin CommandAlternative
/plugin add https://github.com/majiayu000/claude-skill-registry
Git CloneAlternative
git clone https://github.com/majiayu000/claude-skill-registry.git ~/.claude/skills/container-hadolint

Copy and paste this command in Claude Code to install this skill

GitHub Repository

majiayu000/claude-skill-registry
Path: skills/data/container-hadolint
0

Related Skills

container-hadolint

Other

This Claude Skill performs automated Dockerfile security linting using Hadolint, checking for misconfigurations, hardcoded secrets, and violations of the CIS Docker Benchmark. It's designed to integrate shift-left security into CI/CD pipelines and developer workflows. Use it to enforce container best practices and get remediation guidance directly within your development process.

View skill

container-grype

Other

This skill scans container images and filesystems for vulnerabilities using Grype, integrating CVSS, EPSS, and CISA KEV data for risk prioritization. It's designed for CI/CD pipeline integration, SBOM analysis, and generating security reports in formats like JSON and SARIF. Use it to implement automated vulnerability scanning and threshold-based security gating in your development workflow.

View skill

sca-trivy

Other

The `sca-trivy` skill performs comprehensive security scanning using Aqua Trivy, identifying vulnerabilities in container images, dependencies across multiple languages, and Infrastructure-as-Code configurations. It integrates into CI/CD pipelines, outputs results in SARIF format, and can generate SBOMs. Use it to automate vulnerability detection and prioritize fixes by CVSS score within your development workflow.

View skill

iac-checkov

Other

This skill performs automated security and compliance scanning for Infrastructure as Code files using Checkov. It detects misconfigurations, hardcoded secrets, and validates against major compliance benchmarks across Terraform, Kubernetes, and other IaC formats. Use it to integrate policy-as-code security checks directly into your development or CI/CD pipelines.

View skill