This validator runs hadolint and Checkov against your Dockerfiles and classifies findings into Critical, High, Medium, and Low buckets. It skips reference docs if everything passes, which is a nice touch. The skill follows a strict execution order and includes fallback branches for when you're in a locked-down environment without Python or Docker. You get severity-based reporting that maps issues to specific reference files (security checklist, optimization guide, best practices). The deterministic flow and explicit fallback handling make it reliable in CI pipelines where tool availability varies. If you're reviewing Dockerfiles before merge or hardening images for production, this gives you structured output without the usual tool-chaining guesswork.
npx skills add https://github.com/akin-ozer/cc-devops-skills --skill dockerfile-validator