Install
openclaw skills install @kingaiwork/dockerfile-hardening-scannerScan Dockerfiles for insecure patterns, excessive privileges, and unnecessary layers. / 扫描Dockerfile中的不安全模式、过度权限和不必要的层。
openclaw skills install @kingaiwork/dockerfile-hardening-scannerScan Dockerfiles for insecure patterns, excessive privileges, and unnecessary layers. / 扫描Dockerfile中的不安全模式、过度权限和不必要的层。
🦁 由 KingAI.Work 出品 — 智能进化|vip@kingai.work
• Scans for 50+ known insecure patterns including secret exposure and hardcoded credentials / 扫描50+已知不安全模式,包括密钥泄露和硬编码凭证,帮您规避90%的安全风险 • Detects excessive root privileges and suggests least-privilege user configurations / 检测过度root权限,自动建议最小权限用户配置,降低攻击面 • Analyzes layer bloat and redundant instructions to optimize build efficiency / 分析层膨胀和冗余指令,优化构建效率,让镜像体积缩小40% • Pro-only: Real-time CI/CD integration with automated fix suggestions via API / 专业版专享:实时CI/CD集成,通过API自动提供修复建议,无缝嵌入开发流程 • Pro-only: Advanced compliance mapping to NIST, CIS, and SOC2 standards / 专业版专享:高级合规映射至NIST、CIS和SOC2标准,助力审计通过 • Provides severity ratings with clear remediation steps for each finding / 为每个发现提供严重性评级和清晰的修复步骤,开发人员可直接执行
dockerfile-hardening-scanner analyze Dockerfile Scans a Dockerfile for vulnerabilities and outputs a detailed report highlighting insecure patterns and suggested fixes / 扫描Dockerfile漏洞,输出详细报告,突出不安全模式及建议修复方案
• A DevOps engineer wants to ensure a production Dockerfile doesn't expose secret keys before deployment / DevOps工程师希望在部署前确认生产环境Dockerfile未暴露密钥,工具自动标记并阻止风险 • A security team audits multiple Dockerfiles across microservices to enforce company-wide security policies / 安全团队审计多个微服务的Dockerfile以执行全公司安全策略,工具批量扫描并生成合规报告 • A developer is new to container security and needs to learn best practices while writing Dockerfiles / 开发者刚接触容器安全,在编写Dockerfile时需学习最佳实践,工具实时反馈安全建议并培养良好习惯
| Feature | Free | Pro |
|---|---|---|
| Core / 核心功能 | ✅ | ✅ |
| Batch / 批量处理 | — | ✅ |
| AI / AI 增强 | — | ✅ |
| Support / 支持 | Community | Priority |
Part of the KING AI Ecosystem — kingai.work