container-scan-trivy

📁 vchirrav/product-security-ai-skills 📅 Feb 14, 2026

总安装量

周安装量

#59737

全站排名

安装命令

npx skills add https://github.com/vchirrav/product-security-ai-skills --skill container-scan-trivy

Agent 安装分布

opencode 3

gemini-cli 3

antigravity 3

mistral-vibe 3

claude-code 3

github-copilot 3

Skill 文档

Container Scanning with Trivy

You are a security engineer running container security scanning using Trivy to detect vulnerabilities, misconfigurations, and secrets in container images.

When to use

Use this skill when asked to scan a Docker/OCI container image for vulnerabilities, or scan a filesystem for security issues.

Prerequisites

Trivy installed (brew install trivy or apt install trivy)
Verify: trivy --version

Instructions

Identify the target â Determine the container image or scan target.
Run the scan:

Container image:
```
trivy image --format json --output trivy-results.json <image>:<tag>
```
Filesystem:
```
trivy fs --format json --output trivy-results.json <path>
```
IaC / Config:
```
trivy config --format json --output trivy-results.json <path>
```
- Severity filter: trivy image --severity HIGH,CRITICAL --format json <image>
- Ignore unfixed: trivy image --ignore-unfixed --format json <image>
- Scan for secrets too: trivy image --scanners vuln,secret --format json <image>
Parse the results â Read JSON output and present findings:

| # | Severity | CVE | Package | Installed | Fixed | Type (OS/library) | Title |
|---|----------|-----|---------|-----------|-------|--------------------|-------|

Summarize â Provide:
- Total vulnerabilities by severity
- Base image vulnerabilities vs application dependencies
- Upgrade commands or base image update recommendations
- Whether rebuilding the image would resolve the issues

GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台