{"id":"4852f97e-5455-4053-a7a0-731e6f457f95","shortId":"dm7WUb","kind":"skill","title":"Review Dockerfiles for risky patterns and bad defaults with hadolint","tagline":"Catch insecure Dockerfile patterns, brittle package-install habits, and shell pitfalls before image builds ship.","description":"# Review Dockerfiles for risky patterns and bad defaults with hadolint\n\nCatch insecure Dockerfile patterns, brittle package-install habits, and shell pitfalls before image builds ship.\n\n## Prerequisites\n\nhadolint binary and Dockerfiles\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- Docker comes to the rescue, providing an easy way how to run hadolint on most\n- docker run --rm -i hadolint/hadolint < Dockerfile\n- docker run --rm -i ghcr.io/hadolint/hadolint < Dockerfile\n- brew install hadolint\n\nRequirements and caveats from upstream:\n- [![Docker pulls][docker-img]][docker]\n- A smarter Dockerfile linter that helps you build [best practice][] Docker\n- Just pipe your Dockerfile to docker run:\n\nBasic usage or getting-started notes:\n- the Bash code inside RUN instructions.\n- You can run hadolint locally to lint your Dockerfile.\n- podman run --rm -i ghcr.io/hadolint/hadolint < Dockerfile\n\n- Source: https://github.com/hadolint/hadolint\n- Extracted from upstream docs: https://raw.githubusercontent.com/hadolint/hadolint/HEAD/README.md\n\n## Documentation\n\n- https://github.com/hadolint/hadolint\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint/)","tags":["review","dockerfiles","for","risky","patterns","and","bad","defaults","with","hadolint","skills","agentskillexchange"],"capabilities":["skill","source-agentskillexchange","skill-review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,286 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:07.203Z","embedding":null,"createdAt":"2026-05-18T13:18:53.035Z","updatedAt":"2026-05-18T19:12:07.203Z","lastSeenAt":"2026-05-18T19:12:07.203Z","tsv":"'/hadolint/hadolint':97,159,164,175 '/hadolint/hadolint/head/readme.md':171 '/skills/review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint/)':182 'agent':177 'agentskillexchange.com':181 'agentskillexchange.com/skills/review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint/)':180 'bad':7,33 'bash':139 'basic':131 'best':121 'binari':55 'brew':99 'brittl':15,41 'build':25,51,120 'catch':11,37 'caveat':104 'code':140 'come':71 'default':8,34 'doc':168 'docker':70,85,91,107,110,112,123,129 'docker-img':109 'dockerfil':2,13,28,39,57,90,98,115,127,152,160 'document':172 'easi':77 'environ':69 'exchang':179 'extract':165 'get':135 'getting-start':134 'ghcr.io':96,158 'ghcr.io/hadolint/hadolint':95,157 'github.com':163,174 'github.com/hadolint/hadolint':162,173 'habit':19,45 'hadolint':10,36,54,82,101,147 'hadolint/hadolint':89 'help':118 'imag':24,50 'img':111 'insecur':12,38 'insid':141 'instal':18,44,58,62,100 'instruct':143 'lint':150 'linter':116 'local':148 'match':67 'note':137 'packag':17,43 'package-instal':16,42 'path':65 'pattern':5,14,31,40 'pipe':125 'pitfal':22,48 'podman':153 'practic':122 'prerequisit':53 'provid':75 'pull':108 'raw.githubusercontent.com':170 'raw.githubusercontent.com/hadolint/hadolint/head/readme.md':169 'requir':102 'rescu':74 'review':1,27 'riski':4,30 'rm':87,93,155 'run':81,86,92,130,142,146,154 'setup':64 'shell':21,47 'ship':26,52 'skill':178 'skill-review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint' 'smarter':114 'sourc':161,176 'source-agentskillexchange' 'start':136 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'upstream':61,106,167 'usag':132 'use':59 'way':78","prices":[{"id":"9850ecc0-d7a6-4592-953f-f7ee2d38c07b","listingId":"4852f97e-5455-4053-a7a0-731e6f457f95","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:18:53.035Z"}],"sources":[{"listingId":"4852f97e-5455-4053-a7a0-731e6f457f95","source":"github","sourceId":"agentskillexchange/skills/review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint","isPrimary":false,"firstSeenAt":"2026-05-18T13:18:53.035Z","lastSeenAt":"2026-05-18T19:12:07.203Z"}],"details":{"listingId":"4852f97e-5455-4053-a7a0-731e6f457f95","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"280de086a28dcd9ca86c394074bdca0574b505c7","skill_md_path":"skills/review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Review Dockerfiles for risky patterns and bad defaults with hadolint","description":"Catch insecure Dockerfile patterns, brittle package-install habits, and shell pitfalls before image builds ship."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/review-dockerfiles-for-risky-patterns-and-bad-defaults-with-hadolint"},"updatedAt":"2026-05-18T19:12:07.203Z"}}