scanning-docker-images-with-trivy
CommunityFind vulnerabilities in Docker images fast.
Software Engineering#vulnerability scanning#secrets detection#trivy#docker image scanning#sbom generation#ci/cd security gate#container misconfigurations
Authorriandeoliveira
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It helps you identify known security risks in container images so you can prevent vulnerable builds from reaching production.
Core Features & Use Cases
- Vulnerability scanning for container images: Detects CVEs in OS packages and language-specific dependencies.
- Misconfiguration, secrets, and license checks: Finds risky Dockerfile/K8s issues, hardcoded secrets, and license compliance gaps.
- Actionable outputs and CI/CD gating: Supports JSON/SARIF and SBOM generation to integrate into pipelines and enforce severity thresholds.
Quick Start
Run the Trivy scan on your image tag to produce machine-readable results you can review and gate in CI.
Dependency Matrix
Required Modules
subprocessjsonsyspathlibdatetimeargparseosdataclasses
Components
scriptsreferencesassets
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: scanning-docker-images-with-trivy Download link: https://github.com/riandeoliveira/aspnet-template/archive/main.zip#scanning-docker-images-with-trivy Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.