dockerignore-linter

Lint, validate, and audit .dockerignore files for syntax issues, security risks, missing patterns, and optimization opportunities. Use when asked to lint, validate, audit, or check .dockerignore files, optimize Docker build context, reduce Docker image size, or review what files are included in Docker builds. Triggers on "lint dockerignore", "check .dockerignore", "docker context", "docker build size", "audit dockerignore".

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "dockerignore-linter" with this command: npx skills add charlie-morrison/dockerignore-linter

Dockerignore Linter

Lint .dockerignore files for syntax issues, security risks, missing essential patterns, and optimization opportunities.

Commands

All commands use the bundled Python script at scripts/dockerignore_linter.py.

1. Lint a .dockerignore file

python3 scripts/dockerignore_linter.py lint <file> [--strict] [--format text|json|markdown]

Run all validation rules.

2. Audit for security-sensitive files

python3 scripts/dockerignore_linter.py security <file> [--format text|json|markdown]

Check if secrets, credentials, and sensitive files are properly excluded.

3. Suggest missing patterns

python3 scripts/dockerignore_linter.py suggest [--project-type node|python|go|rust|java|ruby|generic] [--format text|json]

Generate recommended .dockerignore patterns for a project type.

4. Analyze Docker build context

python3 scripts/dockerignore_linter.py context <directory> [--dockerignore <file>] [--format text|json]

Show which files would be included in the Docker build context, with size breakdown.

Lint Rules (18 total)

Syntax (4 rules)

  1. empty-file — .dockerignore is empty
  2. invalid-pattern — Malformed glob pattern
  3. duplicate-pattern — Same pattern appears twice
  4. negation-conflict — Negation ! overrides a previous exclusion (likely unintended)

Security (6 rules)

  1. missing-env.env not excluded (may contain secrets)
  2. missing-secrets — Common secret files not excluded (*.pem, *.key, id_rsa, etc.)
  3. missing-git.git directory not excluded (exposes history + credentials)
  4. missing-credentials — Credential files not excluded (aws/credentials, .npmrc with tokens, etc.)
  5. missing-docker — Docker-related files not excluded (docker-compose*.yml, Dockerfile*)
  6. missing-ide — IDE config not excluded (.vscode, .idea, *.swp)

Optimization (4 rules)

  1. missing-deps — Dependency directories not excluded (node_modules, pycache, vendor, target)
  2. missing-build — Build output not excluded (dist, build, *.o, *.pyc)
  3. missing-logs — Log files not excluded (*.log, logs/)
  4. missing-test — Test data/coverage not excluded (coverage, .nyc_output, htmlcov)

Best Practices (4 rules)

  1. too-broad — Pattern is overly broad (e.g., * without specific negations)
  2. commented-pattern — Inline comment after pattern (not supported, treated as literal)
  3. trailing-space — Pattern has trailing whitespace
  4. readme-excluded — README/docs excluded (usually should be kept for reference)

Output Formats

Text, JSON, Markdown — same structure as other linters.

CI Integration

- name: Lint Dockerignore
  run: python3 scripts/dockerignore_linter.py lint .dockerignore --strict

Exit codes: 0 = clean, 1 = issues found.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Skill Auditor

Audit core: a classification taxonomy and a severity scoring function, kept orthogonal. Operates on the whole skill bundle (SKILL.md plus any referenced scri...

Registry SourceRecently Updated
00ambarion
Security

ISNAD Security Kit

The ultimate security baseline for autonomous AI agents. Installs the complete ISNAD protocol stack with zero configuration.

Registry SourceRecently Updated
2110horn111
Security

Openclaw Sec

AI Agent Security Suite - Real-time protection against prompt injection, command injection, SSRF, path traversal, secrets exposure, and content policy violat...

Registry SourceRecently Updated
2090lockdown56
Security

CogDx Calibration Audit

Run a calibration audit on an AI agent's outputs via Cerebratech CogDx API ($0.05 per call, credits accepted). Use when an agent's stated confidence doesn't...

Registry SourceRecently Updated
2110drkavner