trivy

Community

Scan containers, IaC, and code for vulns.

Author: igbuend
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

This Skill automates the process of identifying security vulnerabilities, misconfigurations, and secrets within container images, Infrastructure as Code (IaC) files, and code repositories.

Core Features & Use Cases

  • Comprehensive Scanning: Detects vulnerabilities in OS packages and application dependencies across various ecosystems.
  • IaC Misconfiguration Detection: Identifies security risks in Terraform, CloudFormation, Kubernetes manifests, and Dockerfiles.
  • Secrets Detection: Scans code and images for hardcoded secrets like API keys and passwords.
  • SBOM Generation: Creates Software Bill of Materials (SBOM) in CycloneDX and SPDX formats.
  • Use Case: Integrate this Skill into your CI/CD pipeline to automatically scan every new container image build for critical vulnerabilities before deployment.

Quick Start

Use the trivy skill to scan the current directory for vulnerabilities and secrets.

Dependency Matrix

Required Modules

None required

Components

scripts, references

💻 Claude Code Installation

Recommended: Let Claude install it automatically. Copy and paste the text below into Claude Code.

Please help me install this Skill:
Name: trivy
Download link: https://github.com/igbuend/grimbard/archive/main.zip#trivy

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
