implementing-aqua-security-for-container-scanning

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The provided scripts scripts/agent.py and scripts/process.py interface with the Trivy CLI using the subprocess module. They correctly pass arguments as lists, avoiding the use of shell=True, which is a standard security practice to prevent shell injection attacks from untrusted input like container image names.
  • [SAFE]: The skill references resources from Aqua Security, a well-known provider of container security tools. References to their official GitHub repository (aquasecurity/trivy) and container images (aquasec/trivy) are documented for legitimate tool usage and do not pose a security risk.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 12:00 AM