ClawHub

Dockerignore Linter

v1.0.0

Lint, validate, and audit .dockerignore files for syntax issues, security risks, missing patterns, and optimization opportunities. Use when asked to lint, va...

0· 13·0 current·0 all-time
by@charlie-morrison
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires wallet
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included files and behavior: the SKILL.md directs use of the bundled Python script and the repository contains a stdlib-only linter that implements the listed rules and templates. No unrelated binaries, env vars, or cloud credentials are requested.
Instruction Scope
Runtime instructions are limited to running the included script (lint, security, suggest, context). The script parses .dockerignore and inspects directory contents for context/size analysis — this is expected for the stated functionality and does not instruct network exfiltration or reading unrelated system config beyond files in the project context.
Install Mechanism
No install spec; this is an instruction-only skill with bundled code. The script uses only Python stdlib (argparse, fnmatch, pathlib, etc.) so no external package downloads are required.
Credentials
No environment variables, credentials, or protected config paths are requested. The linter looks for common sensitive filenames/patterns in the project tree (e.g., .env, .aws) — appropriate for security checks.
Persistence & Privilege
The skill is not always-enabled and does not request any elevated platform privileges. It does not attempt to modify other skills or global agent configuration.
Assessment
This skill appears to do what it says: it runs a local, pure-Python linter that inspects .dockerignore files and (optionally) enumerates the build context. Before running it, review the script if you're concerned, and avoid running it against sensitive root directories — the context analysis will enumerate file names and sizes from the directory you point it at, which could reveal sensitive filenames (expected behavior for this tool).

Like a lobster shell, security has layers — review code before you run it.

latestvk976b1m6k7k6c5sybeanry86z984qwz4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments