Container Images Skill
Overview
Specialized skill for Docker and OCI container image development, optimization, and security. Provides expert capabilities for building production-ready container images.
Capabilities
Dockerfile Development
- •Analyze and optimize existing Dockerfiles
- •Create multi-stage build configurations
- •Implement build argument patterns
- •Design base image hierarchies
- •Handle platform-specific builds (multi-arch)
Image Optimization
- •Minimize image layer count and size
- •Optimize layer caching strategies
- •Implement .dockerignore patterns
- •Remove unnecessary dependencies
- •Use distroless/minimal base images
Security Scanning
- •Interpret vulnerability scan results (Trivy, Snyk, Grype)
- •Prioritize CVE remediation
- •Recommend secure base images
- •Implement image signing (Cosign, Notary)
- •Configure admission policies
Registry Operations
- •Push, pull, and tag images
- •Configure registry authentication
- •Implement image retention policies
- •Handle multi-registry strategies
- •Manage image manifests and indexes
Build Integration
- •Integrate with CI/CD pipelines
- •Configure build caching (BuildKit)
- •Implement remote builders
- •Handle secrets during builds
- •Set up automated builds
Target Processes
- •
container-image-management.js- Container image lifecycle - •
security-scanning.js- Image vulnerability scanning - •
cicd-pipeline-setup.js- Build pipeline configuration
Usage Context
This skill is invoked when processes require:
- •Creating optimized Dockerfiles
- •Reducing container image sizes
- •Addressing security vulnerabilities in images
- •Setting up container build pipelines
- •Managing container registries
Dependencies
- •Docker CLI or compatible (Podman, nerdctl)
- •Container registry access
- •Vulnerability scanners (Trivy, Snyk)
- •BuildKit for advanced builds
Output Formats
- •Dockerfile configurations
- •Build optimization reports
- •Vulnerability analysis reports
- •Registry operation logs
- •Multi-stage build templates