Stats
Actions
Tags
Read-only health, configuration, and drift audit of one Dokku app or the whole fleet. Use when reviewing an app's state, comparing two environments (e.g. staging vs production), checking builder/ports/domains/SSL/checks/resources/running status, detecting configuration drift, or producing a server inventory. Every command here is strictly read-only and safe to run at any time. Targets Dokku 0.37.x.
How this skill is triggered — by the user, by Claude, or both
Slash command
/dokku-devsecops-skills:dokku-app-auditThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
**Version:** Dokku 0.37.x. **Safety:** everything in this skill is **read-only** (`*:report`, `*:list`). Nothing here changes state.
Version: Dokku 0.37.x. Safety: everything in this skill is read-only (*:report, *:list). Nothing here changes state.
dokku apps:list # all apps
dokku apps:report <app> # core metadata for one app
Run the relevant reports for the app under review:
dokku builder:report <app> # which builder is selected (favor: dockerfile)
dokku builder-dockerfile:report <app> # dockerfile-path etc.
dokku git:report <app> # deploy-branch, last sha, source
dokku ps:report <app> # running?, restart policy, process scale
dokku ports:report <app> # "Port map" vs "Port map detected"
dokku domains:report <app> # vhosts
dokku proxy:report <app> # proxy type, enabled?
dokku certs:report <app> # TLS issuer + expiry
dokku checks:report <app> # zero-downtime check state
dokku resource:report <app> # CPU/memory limits & reservations
dokku storage:report <app> # persistent mounts
dokku docker-options:report <app> # container run/build flags
dokku registry:report <app> # registry config
dokku network:report <app> # listeners (container IP:port)
dokku logs:report <app> # log config
for app in $(dokku --quiet apps:list); do
echo "=== $app ==="
dokku builder:report "$app" | grep -i 'selected'
dokku ports:report "$app" | grep -i 'map'
dokku ps:report "$app" | grep -iE 'running|restart'
done
To compare e.g. staging-app vs prod-app, diff the same report across both and look for unintended divergence — common drift points:
dockerfile, the other on herokuish. This alone changes the detected container port (Dockerfile uses the EXPOSE port; herokuish defaults to 5000), so ports:report will differ even though nothing is "broken".Port map set on one but only a detected map on the other.diff <(dokku builder:report staging-app) <(dokku builder:report prod-app)
diff <(dokku ports:report staging-app) <(dokku ports:report prod-app)
Report findings to the operator; do not "fix" drift automatically — alignment (e.g. switching a builder) is a deploy-affecting change that must be confirmed.
npx claudepluginhub shooding/dokku-devsecops-skills --plugin dokku-devsecops-skillsProvides CDSS development patterns for drug interaction checking, dose validation, clinical scoring (NEWS2, qSOFA), and alert classification integrated into EMR workflows.