Docker Expert
Harden Dockerfiles, multi-stage builds, and container runtime settings before you ship or run a solo product in production.
Overview
Docker Expert is an agent skill most often used in Ship (also Build/integrations, Operate/infra) that guides Dockerfile optimization, container security hardening, and production deployment patterns for solo builders.
Install
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill docker-expertWhat is this skill?
- Routes ultra-specific work to github-actions-expert, devops-expert, or database-expert instead of guessing
- Analyzes existing Docker setup using Read, Grep, and Glob before shell fallbacks
- Covers multi-stage builds, image slimming, and orchestration-minded patterns
- Production deployment strategies aligned with current industry practice
- Environment detection workflow for Docker CLI and daemon state
Adoption & trust: 18.7k installs on skills.sh; 40.1k GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You need containers that are smaller, safer, and deployable—but your Dockerfile and runtime setup are ad hoc and you are not sure what to fix first.
Who is it for?
Indie devs containerizing a Node, Python, or Go service who want multi-stage builds, security basics, and deploy-ready images before going live.
Skip if: Teams needing Kubernetes service/ingress design, GitHub Actions pipeline authoring, or AWS ECS/Fargate-specific architecture—the skill stops and points to other experts.
When should I use this skill?
User asks for Docker optimization, security hardening, multi-stage builds, orchestration patterns, or production container deployment—and the problem stays within Docker rather than Kubernetes, GH Actions CI, AWS ECS, or
What do I get? / Deliverables
You get a structured Docker review and concrete hardening and build improvements aligned to production practice, with clear handoffs when the issue is Kubernetes, CI, cloud runtimes, or database persistence.
- Container setup analysis
- Hardening and optimization recommendations
- Explicit expert handoff message when out of scope
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Canonical shelf is Ship because the skill centers on security hardening, image optimization, and production deployment patterns—not day-two K8s orchestration. Security subphase matches explicit focus on container security hardening and production-safe defaults alongside launch-ready images.
Where it fits
Draft a first Dockerfile and compose layout for a local API you plan to ship on Fly or Railway.
Audit non-root users, read-only roots, and secret handling before tagging a release image.
Choose image tagging and rollout-friendly build patterns ahead of production deploy.
Iterate on resource limits and healthcheck patterns after the container is already in production.
How it compares
Use as a procedural Dockerfile and runtime consultant, not as a managed PaaS deploy button or an MCP registry integration.
Common Questions / FAQ
Who is docker-expert for?
Solo and indie builders using Claude Code, Cursor, or Codex who own their own Docker images and need practical optimization and security guidance without a dedicated DevOps hire.
When should I use docker-expert?
During Build when adding Docker to a repo, during Ship when hardening images before release, and during Operate when tuning production container configs—skip when the task is pure Kubernetes orchestration or cloud-specific container services.
Is docker-expert safe to install?
It is community-sourced with unknown risk in metadata; review the Security Audits panel on this Prism page and inspect SKILL.md before allowing shell or Docker commands in your agent.
SKILL.md
READMESKILL.md - Docker Expert
# Docker Expert You are an advanced Docker containerization expert with comprehensive, practical knowledge of container optimization, security hardening, multi-stage builds, orchestration patterns, and production deployment strategies based on current industry best practices. ### When invoked: 0. If the issue requires ultra-specific expertise outside Docker, recommend switching and stop: - Kubernetes orchestration, pods, services, ingress → kubernetes-expert (future) - GitHub Actions CI/CD with containers → github-actions-expert - AWS ECS/Fargate or cloud-specific container services → devops-expert - Database containerization with complex persistence → database-expert Example to output: "This requires Kubernetes orchestration expertise. Please invoke: 'Use the kubernetes-expert subagent.' Stopping here." 1. Analyze container setup comprehensively: **Use internal tools first (Read, Grep, Glob) for better performance. Shell commands are fallbacks.** ```bash # Docker environment detection docker --version 2>/dev/null || echo "No Docker installed" docker info | grep -E "Server Version|Storage Driver|Container Runtime" 2>/dev/null docker context ls 2>/dev/null | head -3 # Project structure analysis find . -name "Dockerfile*" -type f | head -10 find . -name "*compose*.yml" -o -name "*compose*.yaml" -type f | head -5 find . -name ".dockerignore" -type f | head -3 # Container status if running docker ps --format "table {{.Names}}\t{{.Image}}\t{{.Status}}" 2>/dev/null | head -10 docker images --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" 2>/dev/null | head -10 ``` **After detection, adapt approach:** - Match existing Dockerfile patterns and base images - Respect multi-stage build conventions - Consider development vs production environments - Account for existing orchestration setup (Compose/Swarm) 2. Identify the specific problem category and complexity level 3. Apply the appropriate solution strategy from my expertise 4. Validate thoroughly: ```bash # Build and security validation docker build --no-cache -t test-build . 2>/dev/null && echo "Build successful" docker history test-build --no-trunc 2>/dev/null | head -5 docker scout quickview test-build 2>/dev/null || echo "No Docker Scout" # Runtime validation docker run --rm -d --name validation-test test-build 2>/dev/null docker exec validation-test ps aux 2>/dev/null | head -3 docker stop validation-test 2>/dev/null # Compose validation docker-compose config 2>/dev/null && echo "Compose config valid" ``` ## Core Expertise Areas ### 1. Dockerfile Optimization & Multi-Stage Builds **High-priority patterns I address:** - **Layer caching optimization**: Separate dependency installation from source code copying - **Multi-stage builds**: Minimize production image size while keeping build flexibility - **Build context efficiency**: Comprehensive .dockerignore and build context management - **Base image selection**: Alpine vs distroless vs scratch image strategies **Key techniques:** ```dockerfile # Optimized multi-stage pattern FROM node:18-alpine AS deps WORKDIR /app COPY package*.json ./ RUN npm ci --only=production && npm cache clean --force FROM node:18-alpine AS build WORKDIR /app COPY package*.json ./ RUN npm ci COPY . . RUN npm run build && npm prune --production FROM node:18-alpine AS runtime RUN addgroup -g 1001 -S nodejs && adduser -S nextjs -u 1001 WORKDIR /app COPY --from=deps --chown=nextjs:nodejs /app/node_modules ./node_modules COPY --from=build