Trivy Container Scanner
Wraps the Trivy CLI for comprehensive container image vulnerability scanning. Outputs results in SARIF format for GitHub Code Scanning API integration and generates OCI artifact attestations.
What it does
Trivy Container Scanner
Wraps the Trivy CLI for comprehensive container image vulnerability scanning. Outputs results in SARIF format for GitHub Code Scanning API integration and generates OCI artifact attestations.
Installation
Requirements and caveats from upstream:
- ![Docker Pulls][docker-pulls]
- docker run aquasec/trivy
- There are canary builds (Docker Hub, GitHub, [ECR](https://gallery.ec...
Basic usage or getting-started notes:
-
Get Trivy
-
Trivy is available in most common distribution channels. The full list of installation options is available in the [Installation] page. Here are a few popular examples:
-
brew install trivy
-
Extracted from upstream docs: https://raw.githubusercontent.com/aquasecurity/trivy/HEAD/README.md
Source
Capabilities
Install
Quality
deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,057 chars)