chore(agent): configure AI agents and tools

Add configuration for BMad, Claude, OpenCode, and other AI agent tools and workflows.

.agent/skills/docker-optimizer/SKILL.md

@@ -0,0 +1,196 @@
+---
+name: docker-optimizer
+description: Reviews Dockerfiles for best practices, security issues, and image size optimizations including multi-stage builds and layer caching. Use when working with Docker, containers, or deployment.
+allowed-tools: Read, Grep, Glob, Write, Edit
+---
+
+# Docker Optimizer
+
+Analyzes and optimizes Dockerfiles for performance, security, and best practices.
+
+## When to Use
+- User working with Docker or containers
+- Dockerfile optimization needed
+- Container image too large
+- User mentions "Docker", "container", "image size", or "deployment"
+
+## Instructions
+
+### 1. Find Dockerfiles
+
+Search for: `Dockerfile`, `Dockerfile.*`, `*.dockerfile`
+
+### 2. Check Best Practices
+
+**Use specific base image versions:**
+```dockerfile
+# Bad
+FROM node:latest
+
+# Good
+FROM node:18-alpine
+```
+
+**Minimize layers:**
+```dockerfile
+# Bad
+RUN apt-get update
+RUN apt-get install -y curl
+RUN apt-get install -y git
+
+# Good
+RUN apt-get update && \
+    apt-get install -y curl git && \
+    rm -rf /var/lib/apt/lists/*
+```
+
+**Order instructions by change frequency:**
+```dockerfile
+# Dependencies change less than code
+COPY package*.json ./
+RUN npm install
+COPY . .
+```
+
+**Use .dockerignore:**
+```
+node_modules
+.git
+.env
+*.md
+```
+
+### 3. Multi-Stage Builds
+
+Reduce final image size:
+
+```dockerfile
+# Build stage
+FROM node:18 AS build
+WORKDIR /app
+COPY package*.json ./
+RUN npm install
+COPY . .
+RUN npm run build
+
+# Production stage
+FROM node:18-alpine
+WORKDIR /app
+COPY --from=build /app/dist ./dist
+COPY --from=build /app/node_modules ./node_modules
+CMD ["node", "dist/index.js"]
+```
+
+### 4. Security Issues
+
+**Don't run as root:**
+```dockerfile
+RUN addgroup -S appgroup && adduser -S appuser -G appgroup
+USER appuser
+```
+
+**No secrets in image:**
+```dockerfile
+# Bad: Hardcoded secret
+ENV API_KEY=secret123
+
+# Good: Use build args or runtime env
+ARG BUILD_ENV
+ENV NODE_ENV=${BUILD_ENV}
+```
+
+**Scan for vulnerabilities:**
+```bash
+docker scan image:tag
+trivy image image:tag
+```
+
+### 5. Size Optimization
+
+**Use Alpine images:**
+- `node:18-alpine` vs `node:18` (900MB → 170MB)
+- `python:3.11-alpine` vs `python:3.11` (900MB → 50MB)
+
+**Remove unnecessary files:**
+```dockerfile
+RUN npm install --production && \
+    npm cache clean --force
+```
+
+**Use specific COPY:**
+```dockerfile
+# Bad: Copies everything
+COPY . .
+
+# Good: Copy only what's needed
+COPY package*.json ./
+COPY src ./src
+```
+
+### 6. Caching Strategy
+
+Layer caching optimization:
+
+```dockerfile
+# Install dependencies first (cached if package.json unchanged)
+COPY package*.json ./
+RUN npm install
+
+# Copy source (changes more frequently)
+COPY . .
+RUN npm run build
+```
+
+### 7. Health Checks
+
+```dockerfile
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+  CMD node healthcheck.js
+```
+
+### 8. Generate Optimized Dockerfile
+
+Provide improved version with:
+- Multi-stage build
+- Appropriate base image
+- Security improvements
+- Layer optimization
+- Build caching
+- .dockerignore file
+
+### 9. Build Commands
+
+**Efficient build:**
+```bash
+# Use BuildKit
+DOCKER_BUILDKIT=1 docker build -t app:latest .
+
+# Build with cache from registry
+docker build --cache-from myregistry/app:latest -t app:latest .
+```
+
+### 10. Dockerfile Checklist
+
+- [ ] Specific base image tag (not `latest`)
+- [ ] Multi-stage build if applicable
+- [ ] Non-root user
+- [ ] Minimal layers (combined RUN commands)
+- [ ] .dockerignore present
+- [ ] No secrets in image
+- [ ] Proper layer ordering for caching
+- [ ] Alpine or slim variant used
+- [ ] Cleanup in same RUN layer
+- [ ] HEALTHCHECK defined
+
+## Security Best Practices
+
+- Scan images regularly
+- Use official base images
+- Keep base images updated
+- Minimize attack surface (fewer packages)
+- Run as non-root user
+- Use read-only filesystem where possible
+
+## Supporting Files
+- `templates/Dockerfile.optimized`: Optimized multi-stage Dockerfile example
+- `templates/.dockerignore`: Common .dockerignore patterns

.agent/skills/docker-optimizer/skill-report.json

@@ -0,0 +1,190 @@
+{
+  "schema_version": "2.0",
+  "meta": {
+    "generated_at": "2026-01-10T12:49:08.788Z",
+    "slug": "crazydubya-docker-optimizer",
+    "source_url": "https://github.com/CrazyDubya/claude-skills/tree/main/docker-optimizer",
+    "source_ref": "main",
+    "model": "claude",
+    "analysis_version": "2.0.0",
+    "source_type": "community",
+    "content_hash": "91e122d5cb5f029f55f8ef0d0271eb27a36814091d8749886a847b682f5d5156",
+    "tree_hash": "67892c5573ebf65b1bc8bc3227aa00dd785c102b1874e665c8e5b2d78a3079a0"
+  },
+  "skill": {
+    "name": "docker-optimizer",
+    "description": "Reviews Dockerfiles for best practices, security issues, and image size optimizations including multi-stage builds and layer caching. Use when working with Docker, containers, or deployment.",
+    "summary": "Reviews Dockerfiles for best practices, security issues, and image size optimizations including mult...",
+    "icon": "🐳",
+    "version": "1.0.0",
+    "author": "CrazyDubya",
+    "license": "MIT",
+    "category": "devops",
+    "tags": [
+      "docker",
+      "containers",
+      "optimization",
+      "security",
+      "devops"
+    ],
+    "supported_tools": [
+      "claude",
+      "codex",
+      "claude-code"
+    ],
+    "risk_factors": []
+  },
+  "security_audit": {
+    "risk_level": "safe",
+    "is_blocked": false,
+    "safe_to_publish": true,
+    "summary": "This is a legitimate Docker optimization tool with strong security practices. It contains documentation and templates that promote secure containerization practices without any executable code or network operations.",
+    "risk_factor_evidence": [],
+    "critical_findings": [],
+    "high_findings": [],
+    "medium_findings": [],
+    "low_findings": [],
+    "dangerous_patterns": [],
+    "files_scanned": 3,
+    "total_lines": 317,
+    "audit_model": "claude",
+    "audited_at": "2026-01-10T12:49:08.788Z"
+  },
+  "content": {
+    "user_title": "Optimize Dockerfiles for Security and Performance",
+    "value_statement": "Docker images are often bloated and insecure. This skill analyzes your Dockerfiles and provides optimized versions with multi-stage builds, security hardening, and size reduction techniques.",
+    "seo_keywords": [
+      "docker optimization",
+      "dockerfile best practices",
+      "container security",
+      "multi-stage builds",
+      "docker image size",
+      "claude docker",
+      "codex containers",
+      "claude-code devops",
+      "docker layer caching",
+      "container optimization"
+    ],
+    "actual_capabilities": [
+      "Analyzes Dockerfiles for security vulnerabilities and best practice violations",
+      "Recommends specific base image versions and multi-stage build patterns",
+      "Provides optimized .dockerignore templates to prevent sensitive data exposure",
+      "Suggests layer caching strategies to speed up builds",
+      "Generates production-ready Dockerfile examples with non-root users"
+    ],
+    "limitations": [
+      "Only analyzes Dockerfile syntax and structure, not runtime behavior",
+      "Requires manual implementation of recommended changes",
+      "Cannot scan existing Docker images for vulnerabilities",
+      "Limited to Node.js examples in provided templates"
+    ],
+    "use_cases": [
+      {
+        "target_user": "DevOps Engineers",
+        "title": "Production Deployment Optimization",
+        "description": "Reduce Docker image sizes by 80% and improve security posture for production deployments with hardened configurations."
+      },
+      {
+        "target_user": "Developers",
+        "title": "Development Workflow Enhancement",
+        "description": "Speed up local development with optimized layer caching and multi-stage builds that separate build dependencies from runtime."
+      },
+      {
+        "target_user": "Security Teams",
+        "title": "Container Security Auditing",
+        "description": "Identify security anti-patterns in Dockerfiles like running as root, exposing secrets, or using vulnerable base images."
+      }
+    ],
+    "prompt_templates": [
+      {
+        "title": "Basic Dockerfile Review",
+        "scenario": "First-time Docker user needs guidance",
+        "prompt": "Review this Dockerfile and tell me what's wrong: [paste Dockerfile content]. I'm new to Docker and want to follow best practices."
+      },
+      {
+        "title": "Image Size Optimization",
+        "scenario": "Large image slowing down deployments",
+        "prompt": "My Docker image is 2GB and takes forever to build. Here's my Dockerfile: [paste content]. How can I make it smaller and faster?"
+      },
+      {
+        "title": "Security Hardening",
+        "scenario": "Production security requirements",
+        "prompt": "I need to secure this Dockerfile for production use: [paste content]. Please check for security issues and provide a hardened version."
+      },
+      {
+        "title": "Multi-Stage Build Conversion",
+        "scenario": "Complex application with build dependencies",
+        "prompt": "Convert this single-stage Dockerfile to use multi-stage builds to separate build dependencies from the runtime image: [paste content]"
+      }
+    ],
+    "output_examples": [
+      {
+        "input": "Review my Node.js Dockerfile for best practices",
+        "output": [
+          "✓ Found 3 optimization opportunities:",
+          "• Use specific base image version (node:18-alpine instead of node:latest)",
+          "• Add multi-stage build to reduce final image size by 70%",
+          "• Create non-root user for security (currently running as root)",
+          "• Move dependencies copy before source code for better caching",
+          "• Add .dockerignore to exclude 15 unnecessary files",
+          "• Include HEALTHCHECK instruction for container health monitoring"
+        ]
+      }
+    ],
+    "best_practices": [
+      "Always use specific base image tags instead of 'latest' for reproducible builds",
+      "Implement multi-stage builds to keep production images minimal and secure",
+      "Create and use non-root users to limit container privileges"
+    ],
+    "anti_patterns": [
+      "Never hardcode secrets or API keys directly in Dockerfiles using ENV instructions",
+      "Avoid copying entire source directories when only specific files are needed",
+      "Don't run package managers without cleaning caches in the same layer"
+    ],
+    "faq": [
+      {
+        "question": "Which base images should I use?",
+        "answer": "Use Alpine variants for smaller sizes (node:18-alpine, python:3.11-alpine) or distroless images for maximum security."
+      },
+      {
+        "question": "How much can this reduce my image size?",
+        "answer": "Typically 60-80% reduction through multi-stage builds and Alpine base images. A 2GB Node.js image can become 200-400MB."
+      },
+      {
+        "question": "Does this work with all programming languages?",
+        "answer": "Yes, the optimization principles apply to all languages. Examples cover Node.js, Python, Go, Java, and Ruby Dockerfiles."
+      },
+      {
+        "question": "Is my code safe when using this skill?",
+        "answer": "Yes, this skill only reads and analyzes your Dockerfile. It doesn't execute code or make network calls."
+      },
+      {
+        "question": "What if my build breaks after optimization?",
+        "answer": "The skill provides gradual optimization steps. Test each change separately and keep your original Dockerfile as backup."
+      },
+      {
+        "question": "How does this compare to Docker's best practices documentation?",
+        "answer": "This skill provides actionable, specific recommendations based on your actual Dockerfile rather than generic guidelines."
+      }
+    ]
+  },
+  "file_structure": [
+    {
+      "name": "templates",
+      "type": "dir",
+      "path": "templates",
+      "children": [
+        {
+          "name": "Dockerfile.optimized",
+          "type": "file",
+          "path": "templates/Dockerfile.optimized"
+        }
+      ]
+    },
+    {
+      "name": "SKILL.md",
+      "type": "file",
+      "path": "SKILL.md"
+    }
+  ]
+}

.agent/skills/docker-optimizer/templates/Dockerfile.optimized

@@ -0,0 +1,49 @@
+# Multi-stage Dockerfile Example (Node.js)
+
+# Build stage
+FROM node:18-alpine AS build
+WORKDIR /app
+
+# Copy dependency files
+COPY package*.json ./
+
+# Install dependencies
+RUN npm ci --only=production && \
+    npm cache clean --force
+
+# Copy source code
+COPY . .
+
+# Build application
+RUN npm run build
+
+# Production stage
+FROM node:18-alpine
+WORKDIR /app
+
+# Install dumb-init for proper signal handling
+RUN apk add --no-cache dumb-init
+
+# Create non-root user
+RUN addgroup -S appgroup && adduser -S appuser -G appgroup
+
+# Copy built application from build stage
+COPY --from=build --chown=appuser:appgroup /app/dist ./dist
+COPY --from=build --chown=appuser:appgroup /app/node_modules ./node_modules
+COPY --chown=appuser:appgroup package*.json ./
+
+# Switch to non-root user
+USER appuser
+
+# Expose port
+EXPOSE 3000
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+  CMD node healthcheck.js || exit 1
+
+# Use dumb-init to handle signals properly
+ENTRYPOINT ["dumb-init", "--"]
+
+# Start application
+CMD ["node", "dist/index.js"]