Skills trivy
install
source · Clone the upstream repo
git clone https://github.com/TerminalSkills/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/TerminalSkills/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/trivy" ~/.claude/skills/terminalskills-skills-trivy && rm -rf "$T"
manifest:
skills/trivy/SKILL.md
source content
Trivy
Overview
Trivy is an open-source vulnerability scanner by Aqua Security. It scans container images, filesystems, git repositories, and IaC for vulnerabilities, misconfigurations, and exposed secrets.
Instructions
Step 1: Install
brew install trivy
Step 2: Container Scanning
trivy image node:20-alpine
trivy image --severity CRITICAL,HIGH my-app:latest
trivy image --format json --output results.json my-app:latest
Step 3: Filesystem and Secret Scan
trivy fs .
trivy fs --scanners vuln,secret,misconfig .
Step 4: IaC Scanning
trivy config ./terraform/
trivy config ./k8s/
Guidelines
- Free and open-source — no account needed.
- Local vulnerability DB, updated automatically — scans are fast.
- Supports SBOM generation (CycloneDX, SPDX) for compliance.
- Use in CI to block deployments with critical CVEs.
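Added example (not part of the upstream skill): one way to act on the last guideline by gating a CI job on the results.json written in Step 2. It assumes the Results / Vulnerabilities / Severity / FixedVersion field names of Trivy's JSON report; the sample report, its CVE ids and the function names are constructed for illustration.

```python
import json
import sys

# Constructed sample in the shape of Trivy's JSON report (not real scan output).
SAMPLE_REPORT = json.dumps({
    "ArtifactName": "my-app:latest",
    "Results": [
        {"Target": "my-app:latest (alpine)", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
             "InstalledVersion": "1.0.0", "FixedVersion": "1.0.1", "Severity": "CRITICAL"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother",
             "InstalledVersion": "2.3.0", "FixedVersion": "", "Severity": "CRITICAL"},
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libthird",
             "InstalledVersion": "0.9", "FixedVersion": "0.9.1", "Severity": "MEDIUM"},
        ]},
        # Assumption: a target with no findings carries no "Vulnerabilities" key.
        {"Target": "app/package-lock.json"},
    ],
})

def blocking_findings(report_text, blocked=("CRITICAL",), require_fix=False):
    """Return findings whose severity is in `blocked`, across every target."""
    report = json.loads(report_text)  # invalid JSON raises, so the job fails closed
    hits = []
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            if vuln.get("Severity") not in blocked:
                continue
            if require_fix and not vuln.get("FixedVersion"):
                continue  # no patched version to upgrade to yet
            hits.append((result.get("Target"), vuln.get("VulnerabilityID"),
                         vuln.get("PkgName"), vuln.get("FixedVersion") or "no fix"))
    return hits

def gate(report_text, **kwargs):
    """Print blocking findings and return a process exit code (0 = deploy)."""
    hits = blocking_findings(report_text, **kwargs)
    for target, vuln_id, pkg, fix in hits:
        print(f"BLOCK {vuln_id} {pkg} (fix: {fix}) in {target}")
    return 1 if hits else 0

if __name__ == "__main__":
    # In CI: python gate.py results.json ; with no argument, use the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    sys.exit(gate(text))
```

When no post-processing of the report is needed, Trivy's own `--exit-code 1` combined with `--severity CRITICAL` gives a simpler gate.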