performing-docker-bench-security-assessment

mukul975/Anthropic-Cybersecurity-Skills|Updated May 25, 2026

Works with

Claude CodeCursorClineWindsurfCodex

Installation Guide

Select your AI agent

How to use performing-docker-bench-security-assessment on Cursor

AI-first code editor with Composer

Prerequisites

Before installing skills in Cursor, ensure your development environment meets these requirements:

›Cursor installed and configured on your machine
›Node.js 16+ with npm — verify with node --version
›Active project directory where you want to add performing-docker-bench-security-assessment

Run the install command

Execute the skills CLI command in your project's root directory to begin installation:

$npx skills install mukul975/Anthropic-Cybersecurity-Skills/performing-docker-bench-security-assessment

Fetches performing-docker-bench-security-assessment from mukul975/Anthropic-Cybersecurity-Skills and configures it for Cursor.

Select Cursor when prompted

The CLI shows a list of agents. Use arrow keys and space to select Cursor:

◆ Which agents do you want to install to?

│

│ ── Universal (.agents/skills) ────────────────

│ · Cline · Codex · Goose · Windsurf

│ ●Cursor(selected)

│ · Cursor · Aider · Continue

Verify installation

Confirm successful installation by checking the skill directory location:

.cursor/skills/performing-docker-bench-security-assessment

Restart Cursor to activate performing-docker-bench-security-assessment. Access via /performing-docker-bench-security-assessment in your agent's command palette.

⚠

Security Notice

We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.

Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.

›View source on GitHub ›Skills CLI docs ›About Cursor ›What are agent skills?

Documentation

List & Monetize Your Skill

Submit your Claude Code skill and start earning

Get started →

Use Cases

Task Automation & Efficiency

Automate repetitive workflows and reduce manual effort

Example

Generate reports, summarize documents, draft communications

✓

Save 3-5 hours per week on routine tasks

Knowledge Enhancement

Learn new skills, understand complex topics, get expert guidance

Example

Explain concepts, provide examples, suggest learning resources

✓

Accelerate learning and skill development by 2x

Quality Improvement

Enhance output quality through reviews, suggestions, and refinements

Example

Review drafts, suggest improvements, catch errors

✓

Improve work quality by 30-40% with less effort

Overview

Docker Bench for Security is an open-source script that checks dozens of common best practices around deploying Docker containers in production. Based on the CIS Docker Benchmark, it audits host configuration, Docker daemon settings, container images, runtime configurations, and security operations to generate a compliance report with pass/fail/warn results.

Workflow

Step 1: Run Docker Bench Security

# Run as a container (recommended) docker run --rm --net host --pid host --userns host --cap-add audit_control \ -e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \ -v /etc:/etc:ro \ -v /usr/bin/containerd:/usr/bin/containerd:ro \ -v /usr/bin/runc:/usr/bin/runc:ro \ -v /usr/lib/systemd:/usr/lib/systemd:ro \ -v /var/lib:/var/lib:ro \ -v /var/run/docker.sock:/var/run/docker.sock:ro \ --label docker_bench_security \ docker/docker-bench-security # Run with JSON output docker run --rm --net host --pid host --userns host --cap-add audit_control \ -v /etc:/etc:ro \ -v /var/lib:/var/lib:ro \ -v /var/run/docker.sock:/var/run/docker.sock:ro \ docker/docker-bench-security -l /dev/stdout 2>/dev/null | tee docker-bench-results.json # Run specific sections only docker run --rm --net host --pid host --userns host \ -v /var/run/docker.sock:/var/run/docker.sock:ro \ docker/docker-bench-security -c container_images,container_runtime

Step 2: Interpret Results

[INFO] 1 - Host Configuration [PASS] 1.1.1 - Ensure a separate partition for containers has been created [WARN] 1.1.2 - Ensure only trusted users are allowed to control Docker daemon [PASS] 1.1.3 - Ensure auditing is configured for the Docker daemon [INFO] 2 - Docker daemon configuration [FAIL] 2.1 - Run the Docker daemon as a non-root user [PASS] 2.2 - Ensure network traffic is restricted between containers on the default bridge

Step 3: Remediate Common Failures

# Fix 2.2: Restrict inter-container communication echo '{"icc": false}' | sudo tee /etc/docker/daemon.json # Fix 2.17: Restrict containers from acquiring new privileges echo '{"no-new-privileges": true}' | sudo tee -a /etc/docker/daemon.json # Fix 5.3: Restrict Linux kernel capabilities # Use --cap-drop ALL in docker run commands # Fix 5.12: Mount container's root filesystem as read only # Use --read-only flag in docker run commands # Restart Docker daemon after configuration changes sudo systemctl restart docker

Step 4: Automate Scheduled Assessments

# docker-compose for scheduled assessment version: '3.8' services: bench-security: image: docker/docker-bench-security network_mode: host pid: host userns_mode: host cap_add: - audit_control volumes: - /etc:/etc:ro - /var/lib:/var/lib:ro - /var/run/docker.sock:/var/run/docker.sock:ro - ./results:/results command: -l /results/bench-$(date +%Y%m%d).log deploy: restart_policy: condition: none

Validation Commands

name	performing-docker-bench-security-assessment
description	Docker Bench for Security is an open-source script that checks dozens of common best practices around deploying Docker containers in production. Based on the CIS Docker Benchmark, it audits host confi
domain	cybersecurity
subdomain	container-security
tags	- containers - docker - security - CIS-benchmark - assessment
version	'1.0'
author	mahipal
license	Apache-2.0
nist_csf	- PR.PS-01 - PR.IR-01 - ID.AM-08 - DE.CM-01

performing-docker-bench-security-assessment

Installation Guide

How to use performing-docker-bench-security-assessment on Cursor

Prerequisites

Run the install command

Select Cursor when prompted

Verify installation

Security Notice

Documentation

List & Monetize Your Skill

Use Cases

Task Automation & Efficiency

Knowledge Enhancement

Quality Improvement

Install Skill

Performing Docker Bench Security Assessment

Overview

When to Use

Prerequisites

Workflow

Step 1: Run Docker Bench Security

Step 2: Interpret Results

Step 3: Remediate Common Failures

Step 4: Automate Scheduled Assessments

Validation Commands

References

Implementation Guide

Best Practices

When to Use This

Learning Path

Related Skills

scanning-docker-images-with-trivy

performing-cryptographic-audit-of-application

implementing-soar-playbook-with-palo-alto-xsoar

exploiting-deeplink-vulnerabilities

generating-threat-intelligence-reports

analyzing-network-traffic-with-wireshark

Reviews

Discussion