docker-compose-linter

Lint docker-compose.yml files for security, best practices, and port conflicts.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "docker-compose-linter" with this command: npx skills add charlie-morrison/docker-compose-linter

docker-compose-linter

A pure Python 3 (stdlib only) linter for docker-compose.yml files.

Commands

python3 scripts/docker-compose-linter.py <command> [options] FILE
CommandDescription
lintLint a docker-compose.yml for issues
servicesList all services with their images/builds
portsList all port mappings, detect conflicts
auditFull audit (lint + services + ports summary)

Options

OptionDescription
--format text|json|markdownOutput format (default: text)
--strictExit 1 on any issue (not just errors)
--ignore RULEIgnore a specific rule (repeatable)
--min-severity error|warning|infoMinimum severity to report (default: info)

Lint Rules

RuleSeverityDescription
no-versioninfoMissing or outdated version: key
no-healthcheckwarningService without healthcheck defined
no-restart-policywarningService without restart policy
privileged-modeerrorService running in privileged mode
port-conflicterrorMultiple services mapping to same host port
host-networkwarningUsing network_mode: host (security risk)
latest-tagwarningImage using :latest tag or no tag
no-resource-limitsinfoNo memory/CPU limits (deploy.resources)
hardcoded-envwarningSecrets/passwords directly in environment variables
root-userwarningNo user: specified (runs as root by default)
missing-depends-oninfoService uses links but no depends_on
bind-mount-relativeinfoRelative bind mount paths
no-logginginfoNo logging configuration
duplicate-serviceerrorDuplicate service names

Examples

# Lint with default text output
python3 scripts/docker-compose-linter.py lint docker-compose.yml

# Only show errors and warnings
python3 scripts/docker-compose-linter.py --min-severity warning lint docker-compose.yml

# JSON output for CI pipelines
python3 scripts/docker-compose-linter.py --format json lint docker-compose.yml

# Full audit in markdown
python3 scripts/docker-compose-linter.py --format markdown audit docker-compose.yml

# Ignore specific rules
python3 scripts/docker-compose-linter.py --ignore root-user --ignore no-logging lint docker-compose.yml

# Strict mode: exit 1 on any issue
python3 scripts/docker-compose-linter.py --strict lint docker-compose.yml

Requirements

  • Python 3.7+
  • No external dependencies (pure stdlib)

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

AxonFlow Governance Policies

Govern OpenClaw with AxonFlow — block dangerous commands, detect PII, prevent data exfiltration, protect agent config files, explain policy decisions, grant...

Registry SourceRecently Updated
2671axonflow
Security

Crypto Guardian

Provides security guidance and checks for safely managing crypto wallets, keys, seed phrases, approvals, multisig, and incident response for AI agents.

Registry SourceRecently Updated
50ayh-25
Security

Secrets Audit

Scan projects and codebases for exposed secrets, API keys, tokens, passwords, and sensitive credentials. Detects hardcoded secrets in source code, config fil...

Registry SourceRecently Updated
1390charlie-morrison
Security

CSP Policy Generator

Generate, validate, and tighten Content Security Policy (CSP) headers for web applications. Analyze existing pages to discover resource origins, build least-...

Registry SourceRecently Updated
580charlie-morrison