diff --git a/tools/validate-all-dockerfiles.sh b/tools/validate-all-dockerfiles.sh
index f9dabaa9cb..9599208ebe 100755
--- a/tools/validate-all-dockerfiles.sh
+++ b/tools/validate-all-dockerfiles.sh
@@ -14,4 +14,6 @@ find docker -name Dockerfile.j2 -print0 |
 find docker -name Dockerfile.j2 -print0 |
 xargs -0 tools/validate-indentation.sh || RES=1
+tools/validate-binary-build.sh || RES=1
+
 exit $RES
diff --git a/tools/validate-binary-build.sh b/tools/validate-binary-build.sh
new file mode 100755
index 0000000000..76aafe7c4f
--- /dev/null
+++ b/tools/validate-binary-build.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+REAL_PATH=$(python -c "import os,sys;print(os.path.realpath('$0'))")
+cd "$(dirname "$REAL_PATH")/.."
+
+RES=0
+
+generate_templates () {
+ echo Generating templates for $distro
+ tools/build.py --template-only --type binary --base $distro --work-dir=$tmpdir
+}
+
+check_for_errors () {
+ regex=$1
+ # Look for all rendered Dockerfile.
+ # TODO(mwhahaha): Skip kolla-toolbox for now as it's dependent on specific
+ # set of pip installed items.
+ find $tmpdir/docker -not -path "*kolla-toolbox*" -name Dockerfile -print0 |
+ xargs -0 egrep --color "$regex"
+ # NOTE(mandre) grep returns status code of 1 if the expression isn't found
+ # xargs returns with status 123 when the command invocation returns with an
+ # exit status 1-125, this is what we should be looking for as our "everything
+ # is good" code.
+ if [ $? -ne 123 ]; then
+ RES=1
+ fi
+}
+
+echo Looking for forbidden instructions in binary image templates
+
+for distro in debian ubuntu centos rhel oraclelinux; do
+ tmpdir=$(mktemp -d kolla-templates.XXXXXX --tmpdir)
+ generate_templates
+ check_for_errors "gem .*install"
+ check_for_errors "pip .*install"
+ check_for_errors "npm .*install"
+ check_for_errors "sensu-install"
+ check_for_errors "git .*clone"
+ check_for_errors "wget"
+ check_for_errors "curl"
+ rm -r $tmpdir
+done
+
+if [ $RES -eq 1 ]; then
+ echo "ERROR Found forbidden instructions in binary image templates"
+fi
+# Let's not make it fail pep8 job for now
+#exit $RES
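Review bot: A failed template render is reported as clean, because the loop calls `generate_templates` without checking its status and `check_for_errors` treats xargs status 123 as success. With GNU xargs an empty or missing `$tmpdir/docker` still runs egrep once on empty input, which exits 1 and yields 123, so a distro whose build.py run failed passes every check. Recording the failure in the loop, `generate_templates || RES=1`, would keep the scan from passing vacuously. Separately, the `REAL_PATH` line splices `$0` into the Python source, so a checkout path containing a quote changes the code that runs; passing it as an argument avoids that: `python -c 'import os,sys;print(os.path.realpath(sys.argv[1]))' "$0"`.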