Dockerfile Security Hardening Advisor
Audits Dockerfiles for security vulnerabilities using Hadolint and Trivy container scanner. Recommends hardening steps based on CIS Docker Benchmark and Snyk container advisories.
Installation
Use the upstream install or setup path that matches your environment:
- Docker comes to the rescue, providing an easy way how to run hadolint on most
- docker run --rm -i hadolint/hadolint < Dockerfile
- docker run --rm -i ghcr.io/hadolint/hadolint < Dockerfile
- brew install hadolint
Requirements and caveats from upstream:
- A smarter Dockerfile linter that helps you build best practice Docker
- Just pipe your Dockerfile to docker run:
Basic usage or getting-started notes:
- the Bash code inside RUN instructions.
- You can run hadolint locally to lint your Dockerfile.
- podman run --rm -i ghcr.io/hadolint/hadolint < Dockerfile
Extracted from upstream docs: https://raw.githubusercontent.com/hadolint/hadolint/HEAD/README.md
Quality
Deterministic score 0.45 from registry signals: indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,182 chars)