Files
Anthropic-Cybersecurity-Skills/skills/scanning-container-images-with-grype/references/api-reference.md
T
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

1.7 KiB

API Reference: Scanning Container Images with Grype

Grype CLI Commands

Command Description
grype <image> Scan a container image
grype <image> -o json JSON output for parsing
grype <image> -o sarif SARIF output for GitHub Security
grype <image> --fail-on critical Exit non-zero on severity
grype <image> --only-fixed Show only fixable vulns
grype sbom:<file> Scan a pre-generated SBOM
grype dir:<path> Scan a local directory
grype db status Check vulnerability DB status
grype db update Update vulnerability database

Input Sources

Source Syntax Description
Registry grype nginx:latest Pull from registry
Docker daemon grype docker:myapp:1.0 Local Docker image
Archive grype docker-archive:image.tar Saved tar archive
OCI dir grype oci-dir:path/ OCI layout directory
SBOM grype sbom:bom.json CycloneDX/SPDX SBOM
Directory grype dir:/path/ Filesystem scan

Severity Levels

Level CVSS Range Action
Critical 9.0 - 10.0 Immediate remediation
High 7.0 - 8.9 Fix before deployment
Medium 4.0 - 6.9 Plan remediation
Low 0.1 - 3.9 Accept or fix later
Negligible 0.0 Informational

Python Libraries

Library Version Purpose
subprocess stdlib Execute grype CLI
json stdlib Parse JSON output
pathlib stdlib File path handling

References