{"id":"049c3091-419e-4ef7-adc3-b8105b16f74c","shortId":"muKFMv","kind":"skill","title":"Trivy Vulnerability Scanner Pipeline","tagline":"Scans container images, IaC templates, and SBOM artifacts using Aqua Trivy CLI. Generates CycloneDX and SPDX reports with CVE severity filtering for CI/CD gates.","description":"# Trivy Vulnerability Scanner Pipeline\n\nScans container images, IaC templates, and SBOM artifacts using Aqua Trivy CLI. Generates CycloneDX and SPDX reports with CVE severity filtering for CI/CD gates.\n\n## Installation\n\nRequirements and caveats from upstream:\n- ![Docker Pulls][docker-pulls]\n- docker run aquasec/trivy\n- There are canary builds ([Docker Hub](https://hub.docker.com/r/aquasec/trivy/tags?page=1&name=canary), [GitHub](https://github.com/aquasecurity/trivy/pkgs/container/trivy/75776514?tag=canary), [ECR](https://gallery.ec...\n\nBasic usage or getting-started notes:\n- ### Get Trivy\n- Trivy is available in most common distribution channels. The full list of installation options is available in the [Installation] page. Here are a few popular examples:\n- brew install trivy\n\n- Source: https://github.com/aquasecurity/trivy\n- Extracted from upstream docs: https://raw.githubusercontent.com/aquasecurity/trivy/HEAD/README.md\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/trivy-vulnerability-scanner-pipeline/)","tags":["trivy","vulnerability","scanner","pipeline","skills","agentskillexchange","agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex"],"capabilities":["skill","source-agentskillexchange","skill-trivy-vulnerability-scanner-pipeline","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/trivy-vulnerability-scanner-pipeline","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,051 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:54.767Z","embedding":null,"createdAt":"2026-05-18T13:20:02.840Z","updatedAt":"2026-05-18T19:12:54.767Z","lastSeenAt":"2026-05-18T19:12:54.767Z","tsv":"'/aquasecurity/trivy':127 '/aquasecurity/trivy/head/readme.md':134 '/aquasecurity/trivy/pkgs/container/trivy/75776514?tag=canary),':83 '/r/aquasec/trivy/tags?page=1&name=canary),':79 '/skills/trivy-vulnerability-scanner-pipeline/)':141 'agent':136 'agentskillexchange.com':140 'agentskillexchange.com/skills/trivy-vulnerability-scanner-pipeline/)':139 'aqua':14,42 'aquasec/trivy':70 'artifact':12,40 'avail':97,110 'basic':86 'brew':121 'build':74 'canari':73 'caveat':60 'channel':102 'ci/cd':27,55 'cli':16,44 'common':100 'contain':6,34 'cve':23,51 'cyclonedx':18,46 'distribut':101 'doc':131 'docker':63,66,68,75 'docker-pul':65 'ecr':84 'exampl':120 'exchang':138 'extract':128 'filter':25,53 'full':104 'gallery.ec':85 'gate':28,56 'generat':17,45 'get':90,93 'getting-start':89 'github':80 'github.com':82,126 'github.com/aquasecurity/trivy':125 'github.com/aquasecurity/trivy/pkgs/container/trivy/75776514?tag=canary),':81 'hub':76 'hub.docker.com':78 'hub.docker.com/r/aquasec/trivy/tags?page=1&name=canary),':77 'iac':8,36 'imag':7,35 'instal':57,107,113,122 'list':105 'note':92 'option':108 'page':114 'pipelin':4,32 'popular':119 'pull':64,67 'raw.githubusercontent.com':133 'raw.githubusercontent.com/aquasecurity/trivy/head/readme.md':132 'report':21,49 'requir':58 'run':69 'sbom':11,39 'scan':5,33 'scanner':3,31 'sever':24,52 'skill':137 'skill-trivy-vulnerability-scanner-pipeline' 'sourc':124,135 'source-agentskillexchange' 'spdx':20,48 'start':91 'templat':9,37 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'trivi':1,15,29,43,94,95,123 'upstream':62,130 'usag':87 'use':13,41 'vulner':2,30","prices":[{"id":"8d2c92aa-d5ed-44e8-8172-df9a44782bed","listingId":"049c3091-419e-4ef7-adc3-b8105b16f74c","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:20:02.840Z"}],"sources":[{"listingId":"049c3091-419e-4ef7-adc3-b8105b16f74c","source":"github","sourceId":"agentskillexchange/skills/trivy-vulnerability-scanner-pipeline","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/trivy-vulnerability-scanner-pipeline","isPrimary":false,"firstSeenAt":"2026-05-18T13:20:02.840Z","lastSeenAt":"2026-05-18T19:12:54.767Z"}],"details":{"listingId":"049c3091-419e-4ef7-adc3-b8105b16f74c","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"trivy-vulnerability-scanner-pipeline","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"1c8b6254897ac3c91001fc959d8a689bc51b49fc","skill_md_path":"skills/trivy-vulnerability-scanner-pipeline/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/trivy-vulnerability-scanner-pipeline"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Trivy Vulnerability Scanner Pipeline","description":"Scans container images, IaC templates, and SBOM artifacts using Aqua Trivy CLI. Generates CycloneDX and SPDX reports with CVE severity filtering for CI/CD gates."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/trivy-vulnerability-scanner-pipeline"},"updatedAt":"2026-05-18T19:12:54.767Z"}}