sca-trivy
Software Composition Analysis with Trivy
Overview
Trivy is a comprehensive security scanner for containers, filesystems, and git repositories. It detects vulnerabilities (CVEs) in OS packages and application dependencies, IaC misconfigurations, exposed secrets, and software licenses. This skill provides workflows for vulnerability scanning, SBOM generation, CI/CD integration, and remediation prioritization aligned with CVSS and OWASP standards.
Quick Start
Scan a container image for vulnerabilities:
# Install Trivy
brew install trivy # macOS
# or: apt-get install trivy # Debian/Ubuntu
# or: docker pull aquasec/trivy:latest
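The remediation-prioritization workflow mentioned in the overview, as an added example (not part of this skill's own files): it assumes a report produced with `trivy image --format json`, ranks fixable findings first, then by severity and highest CVSS v3 score, and makes a CI gate decision. The sample report, its placeholder CVE IDs and the function names `max_cvss`, `prioritize` and `gate` are constructed for illustration.

```python
import json

# Constructed sample in the shape of `trivy image --format json` output
# (Results[].Vulnerabilities[]); IDs, packages and versions are placeholders.
SAMPLE_REPORT = json.dumps({
    "Results": [
        {"Target": "example-image (debian 12)", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
             "InstalledVersion": "1.0.0", "FixedVersion": "1.0.1",
             "Severity": "CRITICAL", "CVSS": {"nvd": {"V3Score": 9.8}}},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother",
             "InstalledVersion": "2.3.0", "FixedVersion": "",
             "Severity": "HIGH", "CVSS": {"nvd": {"V3Score": 8.1}}},
        ]},
        {"Target": "app/requirements.txt", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "examplepkg",
             "InstalledVersion": "0.9", "FixedVersion": "0.9.4",
             "Severity": "MEDIUM", "CVSS": {"ghsa": {"V3Score": 5.3}, "nvd": {"V3Score": 6.5}}},
        ]},
        {"Target": "app/package-lock.json"},  # targets with no findings omit the key
    ]})

SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1, "UNKNOWN": 0}

def max_cvss(vuln):
    """Highest CVSS v3 base score reported by any source, or 0.0 if none."""
    scores = [s.get("V3Score") for s in (vuln.get("CVSS") or {}).values()]
    return max([s for s in scores if s is not None], default=0.0)

def prioritize(report_json):
    """Flatten the report; fixable findings first, then severity, then CVSS."""
    findings = []
    for result in json.loads(report_json).get("Results") or []:
        for v in result.get("Vulnerabilities") or []:
            findings.append({
                "id": v["VulnerabilityID"], "target": result.get("Target", ""),
                "pkg": v.get("PkgName", ""), "severity": v.get("Severity", "UNKNOWN"),
                "cvss": max_cvss(v), "fixed_in": v.get("FixedVersion") or None,
            })
    findings.sort(key=lambda f: (f["fixed_in"] is None,
                                 -SEVERITY_RANK.get(f["severity"], 0), -f["cvss"]))
    return findings

def gate(findings, fail_on=("CRITICAL", "HIGH")):
    """CI decision: fail only on fixable findings at the chosen severities."""
    return any(f["fixed_in"] and f["severity"] in fail_on for f in findings)

if __name__ == "__main__":
    for f in prioritize(SAMPLE_REPORT):
        print(f["id"], f["severity"], f["cvss"], f["pkg"], "->", f["fixed_in"] or "no fix yet")
```

Gating only on fixable findings keeps the pipeline from blocking on issues with no available upgrade; those still appear at the end of the ranked list for tracking.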