AgentSkillsCN

docker-vulnerabilities

OWASP Docker Top 6 vulnerability knowledge base for identifying, assessing, and remediating security risks in containerized Docker environments.

SKILL.md
---
name: docker-vulnerabilities
description: OWASP Docker Top 6 vulnerability knowledge base for identifying, assessing, and remediating security risks in containerized Docker environments.
license: MIT
metadata:
  authors: "OWASP Docker Security Project"
  spec_version: "1.0"
  framework_revision: "1.0.0"
  last_updated: "2026-02-13"
  skill_based_on: "https://github.com/chris-buckley/agnostic-prompt-standard"
  content_based_on: "https://github.com/OWASP/Docker-Security"
---

Docker Vulnerabilities — Skill Entry

This SKILL.md is the entrypoint for the Docker Vulnerabilities skill.

The skill encodes the OWASP Docker Security Top 6 as structured, machine-readable references that an agent can query to identify, assess, and remediate Docker container security risks.

Normative references (Docker Top 6)

  1. 00 Vulnerability Index
  2. 01 Secure User Mapping
  3. 02 Patch Management Strategy
  4. 03 Network Segmentation and Firewalling
  5. 04 Secure Defaults and Hardening
  6. 05 Maintain Security Contexts
  7. 06 Resource Protection

Skill layout

  • SKILL.md — this file (skill entrypoint).
  • references/ — the Docker Top 6 normative documents.
    • 00-vulnerability-index.md — master index of all vulnerability identifiers, categories, and cross-references.
    • 01 through 06 — one document per vulnerability aligned with OWASP Docker Security numbering.
  • assets/ — reusable format and constants blocks.
    • constants/ — vulnerability catalog and category definitions.
      • constants-docker-catalog-v1.0.0.md
    • formats/ — output contract examples.
      • format-vulnerability-assessment-v1.0.0.md
      • format-remediation-checklist-v1.0.0.md