This is your checklist when you need to lock down Docker in production or pass a security audit. It walks you through the full stack: scanning images with Scout and Trivy, dropping capabilities with --cap-drop ALL, running read-only filesystems, applying seccomp and AppArmor profiles, and managing secrets without leaking them in image layers or environment variables. You also get network isolation patterns, CIS Docker Benchmark mapping, and recipes for Chainguard's zero-CVE images if you're chasing compliance. Activate it when you're hardening containers, reviewing Dockerfiles for vulnerabilities, or setting up supply-chain security with signed images and SBOMs.
npx skills add https://github.com/josiahsiegel/claude-plugin-marketplace --skill docker-security-guide