Agent skill

docker-optimizer

Reviews Dockerfiles for best practices, security issues, and image size optimizations including multi-stage builds and layer caching. Use when working with Docker, containers, or deployment.

View SKILL.md on GitHub Repository
Stars 232
Forks 15

Install this agent skill to your Project

npx add-skill https://github.com/aiskillstore/marketplace/tree/main/skills/crazydubya/docker-optimizer

SKILL.md

Docker Optimizer

Analyzes and optimizes Dockerfiles for performance, security, and best practices.

When to Use

  • User working with Docker or containers
  • Dockerfile optimization needed
  • Container image too large
  • User mentions "Docker", "container", "image size", or "deployment"

Instructions

1. Find Dockerfiles

Search for: Dockerfile, Dockerfile.*, *.dockerfile

2. Check Best Practices

Use specific base image versions:

dockerfile
# Bad
FROM node:latest

# Good
FROM node:18-alpine

Minimize layers:

dockerfile
# Bad
RUN apt-get update
RUN apt-get install -y curl
RUN apt-get install -y git

# Good
RUN apt-get update && \
    apt-get install -y curl git && \
    rm -rf /var/lib/apt/lists/*

Order instructions by change frequency:

dockerfile
# Dependencies change less than code
COPY package*.json ./
RUN npm install
COPY . .

Use .dockerignore:

node_modules
.git
.env
*.md

3. Multi-Stage Builds

Reduce final image size:

dockerfile
# Build stage
FROM node:18 AS build
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build

# Production stage
FROM node:18-alpine
WORKDIR /app
COPY --from=build /app/dist ./dist
COPY --from=build /app/node_modules ./node_modules
CMD ["node", "dist/index.js"]

4. Security Issues

Don't run as root:

dockerfile
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
USER appuser

No secrets in image:

dockerfile
# Bad: Hardcoded secret
ENV API_KEY=secret123

# Good: Use build args or runtime env
ARG BUILD_ENV
ENV NODE_ENV=${BUILD_ENV}

Scan for vulnerabilities:

bash
docker scan image:tag
trivy image image:tag

5. Size Optimization

Use Alpine images:

  • node:18-alpine vs node:18 (900MB → 170MB)
  • python:3.11-alpine vs python:3.11 (900MB → 50MB)

Remove unnecessary files:

dockerfile
RUN npm install --production && \
    npm cache clean --force

Use specific COPY:

dockerfile
# Bad: Copies everything
COPY . .

# Good: Copy only what's needed
COPY package*.json ./
COPY src ./src

6. Caching Strategy

Layer caching optimization:

dockerfile
# Install dependencies first (cached if package.json unchanged)
COPY package*.json ./
RUN npm install

# Copy source (changes more frequently)
COPY . .
RUN npm run build

7. Health Checks

dockerfile
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
  CMD node healthcheck.js

8. Generate Optimized Dockerfile

Provide improved version with:

  • Multi-stage build
  • Appropriate base image
  • Security improvements
  • Layer optimization
  • Build caching
  • .dockerignore file

9. Build Commands

Efficient build:

bash
# Use BuildKit
DOCKER_BUILDKIT=1 docker build -t app:latest .

# Build with cache from registry
docker build --cache-from myregistry/app:latest -t app:latest .

10. Dockerfile Checklist

  • Specific base image tag (not latest)
  • Multi-stage build if applicable
  • Non-root user
  • Minimal layers (combined RUN commands)
  • .dockerignore present
  • No secrets in image
  • Proper layer ordering for caching
  • Alpine or slim variant used
  • Cleanup in same RUN layer
  • HEALTHCHECK defined

Security Best Practices

  • Scan images regularly
  • Use official base images
  • Keep base images updated
  • Minimize attack surface (fewer packages)
  • Run as non-root user
  • Use read-only filesystem where possible

Supporting Files

  • templates/Dockerfile.optimized: Optimized multi-stage Dockerfile example
  • templates/.dockerignore: Common .dockerignore patterns

Recommended Agent Skills

Expand your agent's capabilities with these related and highly-rated skills.

aiskillstore/marketplace

perigon-backend

Perigon ASP.NET Core + EF Core + Aspire conventions

232 15
Explore
aiskillstore/marketplace

perigon-agent

Pointers for Copilot/agents to apply Perigon conventions

232 15
Explore
aiskillstore/marketplace

perigon-angular

Angular 21+ standalone/Material/signal conventions for Perigon WebApp

232 15
Explore
aiskillstore/marketplace

fastapi-mastery

Comprehensive FastAPI development skill covering REST API creation, routing, request/response handling, validation, authentication, database integration, middleware, and deployment. Use when working with FastAPI projects, building APIs, implementing CRUD operations, setting up authentication/authorization, integrating databases (SQL/NoSQL), adding middleware, handling WebSockets, or deploying FastAPI applications. Triggered by requests involving .py files with FastAPI code, API endpoint creation, Pydantic models, or FastAPI-specific features.

232 15
Explore
aiskillstore/marketplace

context7-efficient

Token-efficient library documentation fetcher using Context7 MCP with 86.8% token savings through intelligent shell pipeline filtering. Fetches code examples, API references, and best practices for JavaScript, Python, Go, Rust, and other libraries. Use when users ask about library documentation, need code examples, want API usage patterns, are learning a new framework, need syntax reference, or troubleshooting with library-specific information. Triggers include questions like "Show me React hooks", "How do I use Prisma", "What's the Next.js routing syntax", or any request for library/framework documentation.

232 15
Explore
aiskillstore/marketplace

browser-use

Browser automation using Playwright MCP. Navigate websites, fill forms, click elements, take screenshots, and extract data. Use when tasks require web browsing, form submission, web scraping, UI testing, or any browser interaction.

232 15
Explore

Didn't find tool you were looking for?

Be as detailed as possible for better results