# Send Docker (Essentials + Advanced) to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "docker", "name": "Docker (Essentials + Advanced)", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/ivangdavila/docker", "canonicalUrl": "https://clawhub.ai/ivangdavila/docker", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/docker", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=docker", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "SKILL.md", "commands.md", "compose.md", "images.md", "infrastructure.md", "security.md" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "docker", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-02T15:40:29.662Z", "expiresAt": "2026-05-09T15:40:29.662Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=docker", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=docker", "contentDisposition": "attachment; filename=\"docker-1.0.4.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "docker" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/docker" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/docker", "downloadUrl": "https://openagent3.xyz/downloads/docker", "agentUrl": "https://openagent3.xyz/skills/docker/agent", "manifestUrl": "https://openagent3.xyz/skills/docker/agent.json", "briefUrl": "https://openagent3.xyz/skills/docker/agent.md" } } ``` ## Documentation ### When to Use Use when the task involves Docker, Dockerfiles, container builds, Compose, image publishing, networking, volumes, logs, debugging, or production container operations. This skill is stateless and should be applied directly whenever Docker work appears. ### Quick Reference TopicFileEssential commandscommands.mdDockerfile patternsimages.mdCompose orchestrationcompose.mdNetworking & volumesinfrastructure.mdSecurity hardeningsecurity.md ### 1. Pin Image Versions python:3.11.5-slim not python:latest Today's latest differs from tomorrow's — breaks immutable builds ### 2. Combine RUN Commands apt-get update && apt-get install -y pkg in ONE layer Separate layers = stale package cache weeks later ### 3. Non-Root by Default Add USER nonroot in Dockerfile Running as root fails security scans and platform policies ### 4. Set Resource Limits -m 512m on every container OOM killer strikes without warning otherwise ### 5. Configure Log Rotation Default json-file driver has no size limit One chatty container fills disk and crashes host ### Image Traps Multi-stage builds: forgotten --from=builder copies from wrong stage silently COPY before RUN invalidates cache on every file change — copy requirements first, install, then copy code ADD extracts archives automatically — use COPY unless you need extraction Build args visible in image history — never use for secrets ### Runtime Traps localhost inside container is container's localhost — bind to 0.0.0.0 Port already in use: previous container still stopping — wait or force remove Exit code 137 = OOM killed, 139 = segfault — check with docker inspect --format='{{.State.ExitCode}}' No shell in distroless images — docker cp files out or use debug sidecar ### Networking Traps Container DNS only works on custom networks — default bridge can't resolve names Published ports bind to 0.0.0.0 — use 127.0.0.1:5432:5432 for local-only Zombie connections from killed containers — set health checks and restart policies ### Compose Traps depends_on waits for container start, not service ready — use condition: service_healthy .env file in wrong directory silently ignored — must be next to docker-compose.yml Volume mounts overwrite container files — empty host dir = empty container dir YAML anchors don't work across files — use multiple compose files instead ### Volume Traps Anonymous volumes accumulate silently — use named volumes Bind mounts have permission issues — container user must match host user docker system prune doesn't remove named volumes — add --volumes flag Stopped container data persists until container removed ### Resource Leaks Dangling images grow unbounded — docker image prune regularly Build cache grows forever — docker builder prune reclaims space Stopped containers consume disk — docker container prune or --rm on run Networks pile up from compose projects — docker network prune ### Secrets and Security ENV and COPY bake secrets into layer history permanently — use secrets mount or runtime env --privileged disables all security — almost never needed, find specific capability instead Images from unknown registries may be malicious — verify sources Build args visible in image history — don't use for secrets ### Debugging Exit code 137 = OOM killed, 139 = segfault — check docker inspect --format='{{.State.ExitCode}}' Container won't start: check logs even for failed containers — docker logs No shell in distroless images — docker cp files out or use debug sidecar Inspect filesystem of dead container — docker cp deadcontainer:/path ./local ### Related Skills Install with clawhub install if user confirms: devops — deployment pipelines linux — host system management server — server administration ### Feedback If useful: clawhub star docker Stay updated: clawhub sync ## Trust - Source: tencent - Verification: Indexed source record - Publisher: ivangdavila - Version: 1.0.4 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-05-02T15:40:29.662Z - Expires at: 2026-05-09T15:40:29.662Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/docker) - [Send to Agent page](https://openagent3.xyz/skills/docker/agent) - [JSON manifest](https://openagent3.xyz/skills/docker/agent.json) - [Markdown brief](https://openagent3.xyz/skills/docker/agent.md) - [Download page](https://openagent3.xyz/downloads/docker)