Install
openclaw skills install @kingaiwork/dockerfile-hardenerScan Dockerfiles for security anti-patterns and auto-generate multi-stage optimized versions. / 扫描Dockerfile中的安全反模式,自动生成多阶段优化版本。
openclaw skills install @kingaiwork/dockerfile-hardenerScan Dockerfiles for security anti-patterns and auto-generate multi-stage optimized versions. / 扫描Dockerfile中的安全反模式,自动生成多阶段优化版本。
🦁 由 KingAI.Work 出品 — 智能进化|vip@kingai.work
Manual Dockerfile Hardener / Dockerfile安全加固器 takes too long. This tool automates it.
• Scans Dockerfiles for 50+ security anti-patterns like hardcoded secrets and excessive privileges / 全面扫描50余种安全反模式,包括硬编码密钥和权限过放,让每一层都经得起安全审计 • Auto-generates multi-stage builds with optimized caching layers / 自动生成多阶段构建方案,缓存层智能优化,构建速度提升40%以上 • Detects outdated base images and suggests verified secure alternatives / 精准检测过时基础镜像,推荐经过安全认证的替代版本,杜绝已知漏洞 • Enforces best-practice RUN commands and layer-size limits automatically / 自动强制执行最佳编写规范与层大小限制,告别臃肿镜像 • Generates SBOM (Software Bill of Materials) reports for compliance / 生成软件物料清单报告,合规审计一步到位(Pro专属高级功能) • Supports CI/CD integration with pre-commit hooks and GitHub Actions / 无缝接入CI/CD流水线,支持GitHub Actions预提交钩子,安全防线前移(Pro专属高级功能)
dockerfile-hardener scan --input Dockerfile --output hardened.dockerfile Scans your Dockerfile for risks and writes a hardened multi-stage version / 扫描现有Dockerfile中的安全隐患,输出一份经过多阶段优化的安全加固版本
• A startup's CI pipeline was building images with root privileges; hardener detected the flaw and auto-generated a non-root user stage / 某创业公司CI流水线始终以root权限构建镜像,工具自动检测并生成非root用户分阶段方案,彻底消除提权风险 • A DevOps engineer inherited legacy Dockerfiles with 10+ layers of redundant commands; tool collapsed them into a clean 3-stage build / 一位运维工程师接手了超过10层的冗余Dockerfile,工具将其压缩为清晰的3阶段构建,镜像体积减少60% • An enterprise needed to pass SOC 2 compliance for container images; hardener produced SBOM reports and patched known CVEs in base images / 某企业需要让容器镜像通过SOC 2合规审计,工具生成SBOM报告并自动修补基础镜像中已知的CVE漏洞
| Free | Pro | |
|---|---|---|
| Core / 核心 | ✅ | ✅ |
| Bulk / 批量 | — | ✅ |
| AI / AI 增强 | — | ✅ |
| Support / 支持 | Community | Priority |
• Unlock automated CI/CD enforcement with custom rule sets and team-wide policy templates / 解锁自定义规则集与团队策略模板,自动化CI/CD安全执行,让整个开发团队统一防线 • Gain access to private vulnerability database updates and zero-day patch suggestions / 获取私有漏洞数据库实时更新与零日补丁建议,比开源方案快48小时响应 • Generate compliance-ready audit trails with detailed remediation logs for PCI-DSS and HIPAA / 生成PCI-DSS和HIPAA合规审计链,含修复全过程详细日志,轻松应对第三方审查\n\n
📦 Published by King AI — kingai.work