Use when writing Dockerfiles, docker-compose files, Podman configurations, or reviewing container security. Covers runtime escapes, supply chain attacks, GPU passthrough vulnerabilities, registry hardening, and 2024-2025 CVEs for Docker, Podman, BuildKit, Harbor, and NVIDIA Container Toolkit.