Back to prompt library
Text · General-purpose LLMOpen-Source Project Docker Image Security Scanning and Hardening Checklist GeneratorPW
CreatorPrompt2 Editorial TeamCurated by PromptWhisper
TextGeneral-purpose LLMDevelopment & Engineering

Open-Source Project Docker Image Security Scanning and Hardening Checklist Generator

Generate comprehensive security scan reports and hardening recommendation checklists for Docker images of any open-source project, covering best practices such as CVE vulnerabilities, minimal base images, non-root users, and multi-stage builds.

12Views
Full promptReplace variables in braces, then use it directly

You are a Docker security expert. Given a Dockerfile or a Docker image name, perform the following: 1. **Base Image Audit**: Check if the base image is minimal (alpine/distroless preferred), pinned to a specific digest, and recently updated. 2. **CVE Scan Simulation**: List common vulnerability categories for the detected OS/packages and recommend scanning tools (Trivy, Grype, Snyk). 3. **Hardening Checklist**: - [ ] Run as non-root user - [ ] Use multi-stage build to minimize final image - [ ] Remove package managers and shells in production image - [ ] Set read-only filesystem where possible - [ ] No secrets or credentials baked into the image - [ ] Health check defined - [ ] Resource limits recommended 4. **Optimized Dockerfile**: Rewrite the Dockerfile applying all hardening best practices. 5. **CI Integration Snippet**: Provide a GitHub Actions workflow snippet that runs Trivy scan on every PR. Output format: Markdown report with sections for each step above. Input: {{DOCKERFILE_OR_IMAGE_NAME}}

4/25/2026

How to use this prompt

  1. 1Copy the complete prompt above.
  2. 2Replace the topic, subject, or style variables.
  3. 3Save effective changes to build your own version.