When bumping a patch version (e.g., `1.9.0` -> `1.9.1`), follow this checklist.

This skill switches NanoClaw's container runtime from Docker to Apple Container (macOS-only). It uses the skills engine for deterministic code changes, then walks through verification.

Configure which host directories NanoClaw agent containers can access. The mount allowlist lives at `~/.config/nanoclaw/mount-allowlist.json`.

../../../engineering/docker-development/SKILL.md

> If you see unfamiliar placeholders or need to check which tools are connected, see [CONNECTORS.md](../../CONNECTORS.md).

Detect unauthorized modifications to running containers by monitoring for binary execution drift, file system

Container escape is a critical attack technique where an adversary breaks out of container isolation to access

Detect container escape attempts in real-time using Falco runtime security rules that monitor syscalls, file

Detect and prevent privilege escalation in Kubernetes pods by monitoring security contexts, capabilities, and

Deploy Aqua Security's Trivy scanner to detect vulnerabilities, misconfigurations, secrets, and license issues

**SUNO音乐创作速查表来啦！无论你是音乐爱好者还是创作者，这份速查表都能帮助你轻松找到最合适的音乐元素！✨**

Connect OpenClaw to Interactive Brokers via IB Gateway Docker. Live portfolio data, real-time quotes, historical K-lines, technical analysis, and Telegram alerts — all read-only safe. Use when users ask about IBKR integration, portfolio monitoring, stock analysis, or automated trading alerts.

>

Identify publicly accessible Azure Storage accounts and misconfigured blob containers

审计本地 openclaw 的安全配置与运行暴露面。用于检查、验证、解释和总结当前机器或沙箱中的 openclaw 相关安全设置，包括代理配置、sandbox 配置、docker 端口暴露、gateway 检查、文件权限、workspace symlink 风险、本地监听端口以及整体本地安全状态。

Protects your credential lifecycle — not just finding secrets in source code (that's what Sentry does), but tracking how credentials are exposed through services, permissions, history, configs, contai

001-jeremy-taskwarrior-integration

cursor-model-selection

stackblitz-security-basics

docker-compose-creator

docker-container-basics

dockerfile-generator

container-security-auditor

time-series-decomposer

OWASP Docker Top 6 vulnerability knowledge base for identifying, assessing, and remediating security risks in containerized Docker environments - Brought to you by microsoft/hve-core.

Compose compelling research narratives for NEH, ACLS, and foundation funding proposals with clear significance statements

Container image and Kubernetes security scanning for CVEs, misconfigurations, and compliance

Run security scans including SAST, dependency scanning, and secret detection

Навык для реализации сохранения и загрузки игровых сущностей (например, поселений) в формате JSON с использованием библиотеки Gson и PersistentDataContainer (PDC) мира Bukkit.

使用共享的 CookieContainer 实现 HttpWebRequest 的自动 Cookie 管理，包括初始 Cookie 设置、会话保持及跨请求状态同步，避免手动处理响应头。

扮演Hugging Face空间部署顾问，专注于修改Dockerfile内容以解决部署问题。严格遵守不提供示例、不发散思维、不假设文件名、仅基于现有Dockerfile内容进行优化的约束。

指导用户使用Docker Compose部署Nextcloud（含MariaDB数据库）及FRP服务端/客户端，配置TOML格式的FRP配置文件，利用Docker内部网络进行服务代理，并解决Nextcloud信任域名及文件权限问题。

提供使用C# HttpWebRequest和CookieContainer实现自动Cookie管理及会话保持的代码方案，适用于需要跨请求维持登录状态的场景。

Assist in the process of selling chemical elements as collectibles, ensuring the sale of the actual element rather than just the container, and mandating verification of safety and legality with professionals.

飞书邮箱 — draft, compose, send, reply, forward, read, and search emails; manage drafts, folders, labels, contacts, and attachments. Use when user mentions 起草邮件, 写一封邮件, 拟邮件, 草稿, 发通知邮件, 发送邮件, 发邮件, 回复邮件, 转发邮件, 查看邮件, 看邮件, 读邮件, 搜索邮件, 查邮件, 收件箱, 邮件会话, 编辑草稿, 管理草稿, 下载附件, 邮件文件夹, 邮件标签, 邮件联系人, 监听新邮件, draft, compose, send email, reply, forward, inbox, mail thread.

Use this when creating new projects, generating documentation, cleaning/organizing a repo, suggesting architecture, deploying containers and services, naming files/folders, or when the user references 'ecosystem', 'patterns', or 'containers'. This skill outlines naming conventions, stack preferences, project organization (iMi worktrees), Docker patterns, and PRD structures from past conversations.

Structured reflective problem-solving methodology. Process: decompose, analyze, hypothesize, verify, revise. Capabilities: complex problem decomposition, adaptive planning, course correction, hypothesis verification, multi-step analysis. Actions: decompose, analyze, plan, revise, verify solutions step-by-step. Keywords: sequential thinking, problem decomposition, multi-step analysis, hypothesis verification, adaptive planning, course correction, reflective thinking, step-by-step, thought sequence, dynamic adjustment, unclear scope, complex problem, structured analysis. Use when: decomposing complex problems, planning with revision capability, analyzing unclear scope, verifying hypotheses, needing course correction, solving multi-step problems.

You are an expert in 3D bin packing and three-dimensional space optimization. Your goal is to help pack 3D boxes and items into containers, trucks, or bins while maximizing space utilization, minimizi

Configure and manage AeroSpace tiling window manager for macOS. Use when working with window layouts, tiling configurations, workspace management, monitor assignments, or AeroSpace keybindings. Keywords: aerospace, tiling, workspaces, window manager, i3-like.

>

Configure Azure DevOps service connections for deployments. Use when setting up cloud service integrations or deployment credentials.

This skill should be used when the user asks about Bootstrap helpers, Bootstrap clearfix, Bootstrap color and background helpers, Bootstrap colored links, Bootstrap focus ring, Bootstrap icon link, Bootstrap position helpers, Bootstrap ratio helpers, Bootstrap stacks, Bootstrap stretched link, Bootstrap text truncation, Bootstrap vertical rule, Bootstrap visually hidden, or needs help with Bootstrap helper classes.

Sync conversation history from .codex/sessions to .claude.json for context preservation

Initial Convex workspace setup in Coder workspaces with self-hosted Convex deployment, authentication configuration, Docker setup, and environment variable generation

Colima provides container runtimes (Docker, Containerd) on macOS with minimal setup. It runs a Linux VM and exposes Docker via contexts.

Generalization and composition of constraints across navigators

Docker, Docker Compose ve Nginx yapılandırması için uzman yetenek. Konteynerleştirme, reverse proxy, SSL sonlandırma ve üretim ortamı dağıtımı (production deployment) konularında kullanılır.

>

Intermediate scope for inheritance — like OpenLaszlo's <node>

Use to decompose user stories into individual development tasks. Creates task documents that can be assigned, estimated, and tracked.