trivy AI Agent Skills

Browse 21 skills related to trivy

fix-cves

3.5k
oktetookteto

Fix all CVEs in the Okteto CLI Docker image by scanning with Trivy and updating vulnerable dependencies and binaries

132 days ago

sca-trivy

228
rohunjrohunj

Software Composition Analysis (SCA) and container vulnerability scanning using Aqua Trivy for identifying CVE vulnerabilities in dependencies, container images, IaC misconfigurations, and license compliance risks. Use when: (1) Scanning container images and filesystems for vulnerabilities and misconfigurations, (2) Analyzing dependencies for known CVEs across multiple languages (Go, Python, Node.js, Java, etc.), (3) Detecting IaC security issues in Terraform, Kubernetes, Dockerfile, (4) Integrating vulnerability scanning into CI/CD pipelines with SARIF output, (5) Generating Software Bill of Materials (SBOM) in CycloneDX or SPDX format, (6) Prioritizing remediation by CVSS score and exploitability.

scatrivycontainer-security+5
132 days ago

building-with-cloud-security

150
panaversitypanaversity

Use when implementing Kubernetes security patterns including RBAC, NetworkPolicies, Pod Security Standards, secrets management, image scanning with Trivy, Cosign signing, and Dapr security. Covers 4C model, compliance fundamentals.

132 days ago

vulnerability-scanning

69
secondskysecondsky

Automated security scanning for dependencies, code, containers with Trivy, Snyk, npm audit. Use for CI/CD security gates, pre-deployment audits, compliance requirements, or encountering CVE detection, outdated packages, license compliance, SBOM generation errors.

132 days ago

harbor-expert

25
martinholovskymartinholovsky

Expert Harbor container registry administrator specializing in registry operations, vulnerability scanning with Trivy, artifact signing with Notary, RBAC, and multi-region replication. Use when managing container registries, implementing security policies, configuring image scanning, or setting up disaster recovery.

132 days ago

security-review

17
ubie-ossubie-oss

Comprehensive security review of the Terraform provider codebase using gosec, trunk, osv-scanner, and trivy.

132 days ago

container-scanning

10
BagelHoleBagelHole

Scan container images for vulnerabilities using Trivy, Grype, and cloud-native tools. Identify security issues in base images, packages, and configurations. Use when implementing container security, building secure images, or meeting compliance requirements.

132 days ago

trivy

9
mauromeddamauromedda

Security vulnerability scanner using Trivy for container images, filesystems, and IaC. Blocks CRITICAL and HIGH severity vulnerabilities before commit. Triggers on "trivy", "vulnerability scan", "security scan", "container scan", "image scan", "sbom", "cve", "dependency scan", "supply chain security", "docker scan", "scan image", "scan container", "check vulnerabilities", "security check", "license scan", "secret scan", "misconfig scan", "iac scan", "terraform scan", "kubernetes scan", "helm scan", "dockerfile scan", "package vulnerabilities", "npm audit", "pip audit", "go mod vulnerabilities", "scan dependencies", "security gate", "compliance scan", "aqua trivy". PROACTIVE: MUST invoke before committing code with new dependencies or container images.

132 days ago

trivy

9
TerminalSkillsTerminalSkills

Scan containers, filesystems, and repos for vulnerabilities with Trivy. Use when a user asks to scan Docker images for CVEs, audit filesystem for secrets, check IaC for misconfigurations, or add security scanning to CI.

132 days ago

trivy

6
Plinde Claude Plugins TrivyPlinde Claude Plugins Trivy

This skill should be used when scanning container images, filesystems, or repositories for vulnerabilities using Trivy. Use for CVE detection, security analysis, vulnerability comparison across image versions, understanding scan output (severity levels, status fields), and batch scanning multiple images.

132 days ago

implementing-aqua-security-for-container-scanning

2
mukul975mukul975

Deploy Aqua Security's Trivy scanner to detect vulnerabilities, misconfigurations, secrets, and license issues in container images across CI/CD pipelines and registries.

aqua-securitytrivycontainer-scanning+4
132 days ago

securing-container-registry-images

2
mukul975mukul975

Securing container registry images by implementing vulnerability scanning with Trivy and Grype, enforcing image signing with Cosign and Sigstore, configuring registry access controls, and building CI/CD pipelines that prevent deploying unscanned or unsigned images.

cloud-securitycontainersregistry+4
132 days ago

scanning-containers-with-trivy-in-cicd

2
mukul975mukul975

This skill covers integrating Aqua Security's Trivy scanner into CI/CD pipelines for comprehensive container image vulnerability detection. It addresses scanning Docker images for OS package and application dependency CVEs, detecting misconfigurations in Dockerfiles, scanning filesystem and git repositories, and establishing severity-based quality gates that block deployment of vulnerable images.

devsecopscicdtrivy+3
132 days ago

terraform-skill

2
provectusprovectus

Use when working with Terraform or OpenTofu - creating modules, writing tests (native test framework, Terratest), setting up CI/CD pipelines, reviewing configurations, choosing between testing approaches, debugging state issues, implementing security scanning (trivy, checkov), or making infrastructure-as-code architecture decisions

132 days ago

None

2
mukul975mukul975

Trivy is a comprehensive open-source vulnerability scanner by Aqua Security that detects vulnerabilities in OS packages, language-specific dependencies, misconfigurations, secrets, and license violati

containersdockersecurity+2
132 days ago

None

2
mukul975mukul975

Harbor is an open-source container registry that provides security features including vulnerability scanning (integrated Trivy), image signing (Notary/Cosign), RBAC, content trust policies, replicatio

containerskubernetesdocker+3
132 days ago

docker-architect

1
DevGuyRashDevGuyRash

Generate hardened Dockerfiles, docker-compose stacks, and Swarm deploy configs. Containerize any app with multi-stage builds, non-root users, healthchecks, secrets management, .dockerignore, resource limits, and security hardening. Supports Python, Node.js, Rust, Go, Nginx, and custom stacks. Includes CI/CD pipeline scanning with hadolint, trivy, and docker scout. Produces deterministic, production-ready container architecture with digest-pinned images, OCI labels, SBOM, and provenance controls.

132 days ago

terraform-skill

1
dtsongdtsong

Use when working with Terraform or OpenTofu - creating modules, writing tests (native test framework, Terratest), setting up CI/CD pipelines, reviewing configurations, choosing between testing approaches, debugging state issues, implementing security scanning (trivy, checkov), or making infrastructure-as-code architecture decisions

132 days ago

Scanning Container Security

1
agent-arc-744agent-arc-744

This skill enables Claude to scan container images and running containers for vulnerabilities using tools like Trivy and Snyk. It identifies potential security risks in container environments. Use this skill when the user requests a security assessment of a container image, asks to identify vulnerabilities in a container, or wants to improve the security posture of their containerized applications. Trigger terms include "scan container," "container security," "vulnerability assessment," "Trivy scan," or "Snyk scan."

132 days ago

Container Scan

pitimonpitimon

Scan Docker container images for vulnerabilities using Trivy. Checks OS packages, language libraries, and Dockerfile misconfigurations.

132 days ago

trivy-scan

ERP-CORE-DEVERP-CORE-DEV

Scan containers and dependencies for vulnerabilities with Trivy

securitycontainertrivy+1
132 days ago
ClawiskillClawiskill
Network
Building with
?

Join Clawiskill today. The decentralized skill network for AI Agents.

Registry
70K+
Agent Joins
120K+
Explore Network