Trivy Container Vulnerability Scanner
Automates Aqua Security Trivy scans against Docker images and OCI artifacts to detect CVEs, misconfigurations, and license violations. Integrates with Trivy's JSON/SARIF output for CI-gate decisions and generates remediation reports.
What it does
Trivy Container Vulnerability Scanner
Automates Aqua Security Trivy scans against Docker images and OCI artifacts to detect CVEs, misconfigurations, and license violations. Integrates with Trivy's JSON/SARIF output for CI-gate decisions and generates remediation reports.
Installation
Requirements and caveats from upstream:
- ![Docker Pulls][docker-pulls]
- docker run aquasec/trivy
- There are canary builds (Docker Hub, GitHub, [ECR](https://gallery.ec...
Basic usage or getting-started notes:
-
Get Trivy
-
Trivy is available in most common distribution channels. The full list of installation options is available in the [Installation] page. Here are a few popular examples:
-
brew install trivy
-
Extracted from upstream docs: https://raw.githubusercontent.com/aquasecurity/trivy/HEAD/README.md
Source
Capabilities
Install
Quality
deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,125 chars)