Generates hardened, multi-stage Dockerfiles with non-root users, minimal base images, and a .dockerignore, after auto-detecting the application stack. Use when containerizing an application for the first time, when the user asks for a Dockerfile, when migrating from a VM deployment, or when an existing Dockerfile runs as root, uses a fat base image, or leaks build tooling into the runtime layer.
Install with Tessl CLI
npx tessl i github:santosomar/general-secure-coding-agent-skills --skill containerization-assistant97
Quality
96%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Discovery
100%
Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that excels across all dimensions. It provides specific concrete actions (multi-stage Dockerfiles, non-root users, minimal base images), includes comprehensive trigger terms that match natural user language, and has an explicit 'Use when...' clause covering multiple realistic scenarios. The description is distinctive enough to avoid conflicts with other skills while being comprehensive about its scope.
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | Lists multiple specific concrete actions: 'generates hardened, multi-stage Dockerfiles', 'non-root users', 'minimal base images', '.dockerignore', and 'auto-detecting the application stack'. These are precise, actionable capabilities. | 3 / 3 |
| Completeness | Clearly answers both what (generates hardened multi-stage Dockerfiles with specific security features) AND when (explicit 'Use when...' clause covering first-time containerization, Dockerfile requests, VM migration, and specific anti-patterns to fix). | 3 / 3 |
| Trigger Term Quality | Excellent coverage of natural terms users would say: 'Dockerfile', 'containerizing', 'VM deployment', 'runs as root', 'fat base image', 'build tooling', 'runtime layer'. These match real user vocabulary when discussing Docker issues. | 3 / 3 |
| Distinctiveness Conflict Risk | Highly distinctive with clear niche around Docker/containerization with specific focus on security hardening and multi-stage builds. Unlikely to conflict with general coding skills or other deployment tools due to specific Docker terminology. | 3 / 3 |
| Total | | 12 / 12 Passed |
Implementation
92%
Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is an excellent, highly actionable skill that provides concrete Dockerfile templates, specific base image recommendations, and thorough validation steps. The content respects Claude's intelligence while adding substantial domain-specific knowledge about container hardening. The only weakness is that the comprehensive content could benefit from being split across multiple files for better progressive disclosure.
Suggestions
Consider extracting the stack-specific Dockerfile templates into a separate TEMPLATES.md file, keeping only one example in the main skill
Move the 'Edge cases' and 'Do not' sections to an ADVANCED.md or PITFALLS.md file, linking from the main skill
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The skill is dense with actionable information and wastes no tokens explaining what Docker or containers are. Every section provides specific, technical guidance that Claude wouldn't inherently know (digest pinning, specific distroless images, native dependency detection patterns). | 3 / 3 |
| Actionability | Provides complete, copy-paste ready Dockerfile templates for multiple stacks, specific commands for verification (`docker buildx imagetools inspect`), and concrete patterns like `RUN --mount=type=secret`. The marker file detection table is immediately executable. | 3 / 3 |
| Workflow Clarity | Clear 5-step sequence with explicit validation checkpoints in Step 5 (sanity checks with specific commands). Includes decision points ('If no marker matches, stop and ask') and feedback loops for native dependency detection affecting base image choice. | 3 / 3 |
| Progressive Disclosure | Content is well-organized with clear sections and tables, but it's a monolithic ~200 line file. The edge cases and templates could be split into separate reference files, with SKILL.md providing just the workflow overview and linking out. | 2 / 3 |
| Total | | 11 / 12 Passed |
Validation
100%
Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.