Pricing

from $20.00 / 1,000 docker file audit calls

Dockerfile Security & Quality Audit

Hadolint-grade Dockerfile audit, MCP-native. 18+ checks across 5 categories (base image, instructions, security, efficiency, secrets) with severity, line numbers, remediation, and fix snippets. Pay-per-event. Call from Claude Desktop, Cursor, n8n, or any MCP client. Built by Unbearable Labs.

Pricing

from $20.00 / 1,000 docker file audit calls

Rating

0.0

(0)

Developer

Noel Himer

Actor stats

Bookmarked

Total users

Monthly active users

8 days ago

Last modified

Available on

Apify Actor Store — primary
Smithery

Newsletter: Unbearable TechTips Weekly · All Actors: github.com/UnbearableDev

What it does

Point any MCP-capable client (Claude Desktop, Cursor, n8n, Make, Zapier, custom agents) at this server, hand it a Dockerfile, get back a structured report:

Severity — high / medium / low / info
Line number — exact location in the file
Description — what's wrong and why it matters
Remediation — what to do about it
Fix snippet — Dockerfile syntax you can paste directly

Tools

Tool	Purpose
	Run all checks
	FROM/tag/digest/registry checks only
	CMD form, ADD vs COPY, MAINTAINER, etc.
	USER, sudo, chmod 777, curl\|bash, hardcoded secrets, HEALTHCHECK
	apt cache hygiene, pip caching
	ARG with secret-pattern names
	Browse the full check catalog

Provide exactly one of (paste the file) or (HTTPS URL — e.g. GitHub raw).

Example

Input: ProgramFiles(x86)=C:\Program Files (x86) CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files asl.log=Destination=file SENTRY-TRACE=06ea796177f94c4593621a741c6ed73e-9d252fe87994f826 SHELL=/bin/bash.exe COREPACK_ENABLE_AUTO_PIN=0 NUMBER_OF_PROCESSORS=12 PROCESSOR_LEVEL=6 CLAUDE_CODE_EMIT_TOOL_USE_SUMMARIES=false CLAUDE_CODE_ENABLE_ASK_USER_QUESTION_TOOL=true ACSvcPort=17532 AI_AGENT=claude-code_2-1-165_agent USERDOMAIN_ROAMINGPROFILE=DESKTOP-UT0RIBG CLAUDE_CODE_SESSION_ID=f3773db0-14ba-4d13-a402-cb5b030e94c9 PROGRAMFILES=C:\Program Files MSYSTEM=MINGW64 ChocolateyInstall=C:\ProgramData\chocolatey PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PY;.PYW CLAUDE_EFFORT=high OS=Windows_NT HOMEDRIVE=C: USERDOMAIN=DESKTOP-UT0RIBG CLAUDE_CODE_SDK_HAS_HOST_AUTH_REFRESH=1 PWD=/c/Users/noelh/Claude USERPROFILE=C:\Users\noelh OneDriveConsumer=C:\Users\noelh\OneDrive NoDefaultCurrentDirectoryInExePath=1 CLAUDECODE=1 ALLUSERSPROFILE=C:\ProgramData CommonProgramW6432=C:\Program Files\Common Files HOME=/c/Users/noelh USERNAME=noelh CLAUDE_AGENT_SDK_VERSION=0.3.165 GITHUB_TOKEN=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 PLINK_PROTOCOL=ssh OneDrive=C:\Users\noelh\OneDrive COMSPEC=C:\Windows\system32\cmd.exe CLAUDE_CODE_DISABLE_CRON= APPDATA=C:\Users\noelh\AppData\Roaming SYSTEMROOT=C:\Windows ANTHROPIC_BASE_URL=https://api.anthropic.com LOCALAPPDATA=C:\Users\noelh\AppData\Local COMPUTERNAME=DESKTOP-UT0RIBG TERM=xterm-256color LOGONSERVER=\DESKTOP-UT0RIBG CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1 PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules RlsSvcPort=22112 CLICKUP_API_TOKEN=pk_4562450_TIM2IE2O90NT3GJWKYL1LV7VQN2266L0 BESIEGE_UNITY_ASSEMBLIES=C:/Program Files/WindowsApps/SpiderlingStudios.5821136CAA5A2_1.0.18.0_x64__a408ere9ra7h8/Besiege_Data\Managed/ TEMP=C:\Users\noelh\AppData\Local\Temp SHLVL=1 PROCESSOR_REVISION=9e0a GIT_EDITOR=true DriverData=C:\Windows\System32\Drivers\DriverData COMMONPROGRAMFILES=C:\Program Files\Common Files USE_LOCAL_OAUTH= DISABLE_AUTOUPDATER=1 EXEPATH=C:\Program Files\Git\bin PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 158 Stepping 10, GenuineIntel CLAUDE_CODE_ENTRYPOINT=claude-desktop NODE_USE_SYSTEM_CA=1 API_TIMEOUT_MS=900000 MCP_CONNECTION_NONBLOCKING=true CHROME_CRASHPAD_PIPE_NAME=\.\pipe\crashpad_29500_POUXYTDLVUULVKGG HOMEPATH=\Users\noelh CLAUDE_CODE_EXECPATH=C:\Users\noelh\AppData\Local\Packages\Claude_pzs8sxrjxfjjc\LocalCache\Roaming\Claude\claude-code\2.1.165\claude.exe TMP=C:\Users\noelh\AppData\Local\Temp PATH=/c/Users/noelh/bin:/mingw64/bin:/usr/local/bin:/usr/bin:/bin:/mingw64/bin:/usr/bin:/c/Users/noelh/bin:/c/Python314/Scripts:/c/Python314:/c/ProgramData/Oracle/Java/javapath:/c/Windows/system32:/c/Windows:/c/Windows/System32/Wbem:/c/Windows/System32/WindowsPowerShell/v1.0:/c/Windows/System32/OpenSSH:/c/Program Files (x86)/NVIDIA Corporation/PhysX/Common:/c/Program Files/Intel/WiFi/bin:/c/Program Files/Common Files/Intel/WirelessCommon:/c/Windows/SysWOW64:/c/Program Files/dotnet:/cmd:/c/Program Files/NVIDIA Corporation/NVIDIA App/NvDLISR:/c/Program Files/nodejs:/c/ProgramData/chocolatey/bin:/c/Program Files/Mullvad VPN/resources:/c/Program Files/GitHub CLI:/c/Program Files/Tailscale:/c/Users/noelh/AppData/Local/Microsoft/WindowsApps:/c/Users/noelh/AppData/Local/atom/bin:/c/Users/noelh/AppData/Local/Programs/Microsoft VS Code/bin:/c/Users/noelh/AppData/Roaming/npm:/c/Users/noelh/.local/bin:/c/Users/noelh/.dotnet/tools:/c/Users/noelh/AppData/Local/Microsoft/WinGet/Packages/Gyan.FFmpeg_Microsoft.Winget.Source_8wekyb3d8bbwe/ffmpeg-8.1.1-full_build/bin:/c/Users/noelh/AppData/Local/Programs/Python/Python311:/c/Program Files/nodejs:/c/Python314:/mingw64/bin:/usr/bin/vendor_perl:/usr/bin/core_perl:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/skills-plugin/9458e948-904e-4e31-a5ee-0b93c13edac4/512bbb06-40f6-479b-95e1-2991562b4b71/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_019XQ3kYMHjpnY1RcxCZttGb/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_0155zZVATbJU3jHUmPP9NvMC/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_01XXJmxLXPEhPMmnxmrgntNw/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_01FTLa86dhbVJ3HB1LdHdhN7/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_014WxCYbLf7f3uw2isHFR9US/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_01KmRfL8EXGF3PeqMRzef1TR/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_012ABz1xjgtJYWKrcJkXW6ad/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_011v5h6QUzBZvas64y44XLhy/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_01Eeb9y5m4iFuY3yRtytYfdc/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_01AYHYqVLaZRH2Vi6aHgDwEw/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_01VyNDLNYUZHHyKf7A691D7V/bin:/c/Users/noelh/AppData/Roaming/Claude/local-agent-mode-sessions/512bbb06-40f6-479b-95e1-2991562b4b71/9458e948-904e-4e31-a5ee-0b93c13edac4/rpm/plugin_01SfWJSiw6JtGbsuW75PKvPK/bin:/c/Users/noelh/.claude/plugins/cache/obsidian-skills/obsidian/1.0.1/bin:/c/Users/noelh/.claude/plugins/cache/claude-plugins-official/security-guidance/2.0.3/bin:/c/Users/noelh/.claude/plugins/cache/claude-plugins-official/code-review/71f9f2af276d/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/debugger/1.0.0/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/mcp-builder/9ef49d0f2a27/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/artifacts-builder/9ef49d0f2a27/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/bug-fix/1.0.0/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/documentation-generator/1.0.0/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/backend-architect/1.0.0/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/frontend-design/9ef49d0f2a27/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/senior-frontend/9ef49d0f2a27/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/connect-apps/9ef49d0f2a27/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/audit-project/3.7.2/bin:/c/Users/noelh/.claude/plugins/cache/awesome-claude-plugins/security-guidance/1.0.0/bin:/c/Users/noelh/.claude/plugins/cache/claude-plugins-official/cloudflare/1.0.0/bin ProgramW6432=C:\Program Files BESIEGE_GAME_ASSEMBLIES=C:/Program Files/WindowsApps/SpiderlingStudios.5821136CAA5A2_1.0.18.0_x64__a408ere9ra7h8/Besiege_Data\Managed/ BAGGAGE=sentry-environment=production,sentry-release=Claude%401.11187.4,sentry-public_key=2f98127cbffe4740b1f767a2de77d23b,sentry-trace_id=06ea796177f94c4593621a741c6ed73e,sentry-org_id=1158394 WINDIR=C:\Windows PROCESSOR_ARCHITECTURE=AMD64 PUBLIC=C:\Users\Public DISABLE_MICROCOMPACT=1 SYSTEMDRIVE=C: USE_STAGING_OAUTH= CLAUDE_CODE_SDK_HAS_OAUTH_REFRESH=1 ProgramData=C:\ProgramData ChocolateyLastPathUpdate=134222221138500739 _=/usr/bin/ENV TOKEN=

Output:

Check catalog (v1: 19 checks across 5 categories)

ID	Category	Severity	Title
DFA-001	base_image	medium	Image uses :latest tag or no tag
DFA-002	base_image	info	No SHA256 digest pin on FROM
DFA-003	base_image	medium	Untrusted registry
DFA-010	instructions	low	CMD in shell form
DFA-011	instructions	low	ENTRYPOINT in shell form
DFA-012	instructions	info	MAINTAINER instruction is deprecated
DFA-013	instructions	medium	ADD used where COPY would suffice
DFA-020	security	medium	No USER directive (runs as root)
DFA-021	security	high	USER root set explicitly
DFA-022	security	high	sudo invoked in RUN
DFA-023	security	high	chmod 777 in RUN
DFA-024	security	medium	curl\|bash pattern in RUN
DFA-025	security	high	Hardcoded secret in ENV
DFA-027	security	low	No HEALTHCHECK
DFA-030	efficiency	low	apt-get update without install
DFA-031	efficiency	low	apt-get install without --no-install-recommends
DFA-032	efficiency	low	pip install without --no-cache-dir
DFA-040	secrets	medium	ARG with secret-pattern name

Use to get the canonical, up-to-date catalog.

Pricing

Free to use — hosted on Apify, bring your own Apify token.

Connecting from Claude Desktop

Limits

Dockerfile size: 200 KB cap per audit
URL fetch: 5s timeout, max 3 redirects, HTTPS only
Session timeout: 5 minutes of inactivity

What's NOT covered (yet)

Live image vulnerability scanning (use Trivy / Grype for that)
Multi-stage build optimization analysis (DFA-004 / DFA-005 — roadmapped)
Compose-file audit (separate MCP: )

Sibling MCPs from Unbearable Labs

— same pattern for
— Kubernetes manifest security audit
— Hungarian postcode lookup

Source / contact

Issues and ideas: or the GitHub org .

Built by Noel @ Unbearable Labs — more like this in the weekly newsletter: https://unbearabletechtips.beehiiv.com

Docker Compose Security Audit

unbearable_dev/docker-compose-audit

Audits docker-compose.yml files for security misconfigurations. 25 checks across 9 categories with severity, remediation, and YAML fix snippets. Pay-per-event. MCP-native - call from Claude Desktop, Cursor, n8n, or any MCP client. Built by Unbearable Labs.

Noel Himer

GitHub Actions Security Audit

unbearable_dev/github-actions-audit

Audits .github/workflows/*.yml for supply-chain risks: script injection, leaked tokens, unpinned actions, broad permissions, pull_request_target pitfalls. MCP-native - call from Claude Desktop, Cursor, n8n, or any MCP client. Pay-per-event. Built by Unbearable Labs.

Noel Himer

Kubernetes Manifest Audit (kube-linter)

unbearable_dev/k8s-manifest-audit

Static audit of Kubernetes manifests via MCP. Powered by kube-linter - 63 checks across security, resources, availability, and config. Pay-per-event. Call from Claude Desktop, Cursor, n8n, or any MCP client. Built by Unbearable Labs.

Noel Himer

Unbearable IaC Audit Pack

unbearable_dev/iac-audit-pack

All four Unbearable Labs audit Actors under one MCP endpoint: docker-compose (25 checks), Dockerfile (26 checks), GitHub Actions (21 checks), HU postcode validator (5 tools). Snyk-comparable IaC coverage at 10x cheaper. Pay-per-event. Built by Unbearable Labs.

Noel Himer

n8n-mcp

nourishing_courier/web-data-for-ai

n8n-mcp

Ani Björkström

n8n MCP Template

sameh.jarour/n8n-mcp-template

Sameh George Jarour

🎯 Sales Intelligence MCP

nexgendata/sales-intelligence-mcp

MCP server bundling 10 lead-generation and enrichment actors as AI-agent tools — a pay-per-result alternative to Apollo, ZoomInfo and Clay. Works with Claude Desktop, Cursor, n8n and any MCP-compatible client. No seats, no contracts, no quotas.

NexGenData

💎 Premium Data MCP — AI Intelligence & Analytics Server

nexgendata/premium-data-mcp-server

Premium MCP server for AI assistants with curated B2B data: government contracts, state business registrations, FDA recalls, Amazon product catalog and competitor-price monitoring. Works with Claude Desktop, Cursor, n8n and any MCP-compatible client. Pay-per-result.

NexGenData

n8n Documentation MCP Server

agentify/n8n-mcp-server

n8n MCP Server provides AI assistants with structured access to n8n node documentation, properties, and validation tools for building and verifying workflows efficiently.

agentify

Linkedin Ads Mcp Server [PPR]

zadexinho/linkedin-ads-mcp-server

MCP server providing LinkedIn Ad Library data to AI agents. Tools: [search_linkedin_ads], [get_ad_details], [get_advertiser_ads]. Connect Claude Desktop, Cursor, n8n, or any MCP-compatible client. Returns ad copy, creatives, and active status.