Trivy Skills

Comprehensive security scanner for containers, filesystems, and IaC. Find vulnerabilities, misconfigurations, and secrets.

4 skills

View Commands

Trivy CI/CD Pipeline Integration

Intermediate

Integrate Trivy scanning into CI/CD pipelines with GitHub Actions — container scanning, IaC scanning, SBOM generation, and security gate enforcement with SARIF uploads.

trivycicdpipelineintegration+4

Works with:claude-code, cursor, copilot +3

View Skill

Container Image Vulnerability Scanning

Advanced

Scan container images for OS and application vulnerabilities with Trivy — severity filtering, SBOM generation, VEX for false positive management, registry authentication, CI gating, and supply chain security patterns.

trivycontainerimagevulnerability+4

Works with:claude-code, cursor, copilot +4

View Skill

Infrastructure as Code Security Scanning

Advanced

Scan Terraform, CloudFormation, Kubernetes YAML, and Dockerfiles for security misconfigurations with Trivy — severity filtering, custom Rego policies, CI gate integration, SARIF output, and compliance frameworks.

trivyinfrastructurecodesecurity+4

Works with:claude-code, cursor, copilot +3

View Skill

Vulnerability Scanner

Intermediate

> Think like an attacker, defend like an expert. 2025 threat landscape awareness.

trivyvulnerabilityscannersecurity+4

Works with:claude-code

View Skill