scanning-iac-and-images-with-trivy

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download the Trivy scanner from official Aqua Security sources, including their GitHub repository and package registries. These are well-known and trusted infrastructure for this security tool.
  • [COMMAND_EXECUTION]: The helper script scripts/agent.py executes the trivy binary using subprocess.run. The command is constructed using a list of arguments, which is a recommended security practice to prevent shell injection attacks.
  • [COMMAND_EXECUTION]: Documentation in SKILL.md includes installation commands that use sudo and pipe remote scripts to the shell. These are standard deployment patterns for system-level security utilities like Trivy.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 06:23 PM
Security Audit — agent-trust-hub — scanning-iac-and-images-with-trivy