Skillshub trivy

Trivy

install
source · Clone the upstream repo
git clone https://github.com/ComeOnOliver/skillshub
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/ComeOnOliver/skillshub "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/TerminalSkills/skills/trivy" ~/.claude/skills/comeonoliver-skillshub-trivy && rm -rf "$T"
manifest: skills/TerminalSkills/skills/trivy/SKILL.md
source content

Trivy

Overview

Trivy is an open-source vulnerability scanner by Aqua Security. It scans container images, filesystems, git repos, and IaC for vulnerabilities, misconfigurations, and exposed secrets.

Instructions

Step 1: Install

brew install trivy

Step 2: Container Scanning

trivy image node:20-alpine
trivy image --severity CRITICAL,HIGH my-app:latest
trivy image --format json --output results.json my-app:latest

Step 3: Filesystem and Secret Scan

trivy fs .
trivy fs --scanners vuln,secret,misconfig .

Step 4: IaC Scanning

trivy config ./terraform/
trivy config ./k8s/

Guidelines

  • Free and open-source — no account needed.
  • Local vulnerability DB, updated automatically — scans are fast.
  • Supports SBOM generation (CycloneDX, SPDX) for compliance.
  • Use in CI to block deployments with critical CVEs.
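
One way to apply the last guideline is to gate on the JSON report that Step 2 writes to results.json. This is an added example, not part of the skill's source; the blocking policy, the function names, and the sample report (with placeholder CVE IDs) are assumptions constructed for illustration.

```python
import json
import sys

BLOCKING = {"CRITICAL"}  # severities that fail the build (assumed policy)

# Constructed sample in Trivy's JSON report layout; IDs are placeholders.
SAMPLE_REPORT = {
    "SchemaVersion": 2,
    "ArtifactName": "my-app:latest",
    "Results": [
        {"Target": "my-app:latest (alpine)", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
             "FixedVersion": "1.0.1", "Severity": "CRITICAL"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother",
             "Severity": "CRITICAL"},  # no FixedVersion: not patched upstream
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libexample",
             "FixedVersion": "1.0.2", "Severity": "HIGH"},
        ]},
        {"Target": "app/package-lock.json"},  # clean target: key is absent
    ],
}


def blocking_findings(report, severities=BLOCKING, fixed_only=False):
    """Return sorted (id, package, target) tuples that should block a deploy."""
    found = set()
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            if vuln.get("Severity", "UNKNOWN").upper() not in severities:
                continue
            if fixed_only and not vuln.get("FixedVersion"):
                continue  # no patched version yet; policy may choose to wait
            found.add((vuln["VulnerabilityID"], vuln.get("PkgName", "?"),
                       result.get("Target", "?")))
    return sorted(found)


def gate(path, **policy):
    """Exit status for CI: 0 when clean, 1 when blocking findings exist."""
    with open(path, encoding="utf-8") as fh:
        findings = blocking_findings(json.load(fh), **policy)
    for vuln_id, pkg, target in findings:
        print(f"BLOCK {vuln_id} in {pkg} ({target})", file=sys.stderr)
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(gate(sys.argv[1] if len(sys.argv) > 1 else "results.json"))
```

Trivy's own `--exit-code 1` flag together with `--severity CRITICAL` gives the simplest form of this gate; parsing the report adds a per-finding log and room for a policy such as blocking only on vulnerabilities that already have a fix.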