Anthropic-Cybersecurity-Skills/skills/scanning-docker-images-with-trivy/references/api-reference.md
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00


API Reference: Scanning Docker Images with Trivy

Trivy Scanner Types

| Scanner | Flag | Detects |
|---------|------|---------|
| Vulnerability | `--scanners vuln` | CVEs in OS packages and libraries |
| Misconfiguration | `--scanners misconfig` | Dockerfile/K8s misconfigs |
| Secret | `--scanners secret` | Hardcoded passwords, API keys |
| License | `--scanners license` | License compliance issues |

Core Commands

| Command | Description |
|---------|-------------|
| `trivy image <ref>` | Scan Docker image |
| `trivy image --input <tar>` | Scan saved tar archive |
| `trivy image --format json` | JSON output |
| `trivy image --format sarif` | SARIF for GitHub Security |
| `trivy image --format cyclonedx` | CycloneDX SBOM |
| `trivy image --format spdx-json` | SPDX SBOM |
| `trivy image --exit-code 1 --severity CRITICAL` | Fail on critical |
| `trivy image --list-all-pkgs` | List all detected packages |

Vulnerability Database Sources

| Source | Coverage |
|--------|----------|
| NVD | All ecosystems |
| GitHub Advisory Database | Open source packages |
| Alpine SecDB | Alpine Linux |
| Debian Security Tracker | Debian packages |
| Red Hat Security Data | RHEL/CentOS |
| Ubuntu CVE Tracker | Ubuntu packages |

Python Libraries

| Library | Version | Purpose |
|---------|---------|---------|
| subprocess | stdlib | Execute trivy CLI |
| json | stdlib | Parse scan results |
| pathlib | stdlib | File path handling |
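
The commands and stdlib modules listed above combine as follows. This is an added example, not the repository's `scripts/agent.py`; it assumes the usual layout of Trivy's JSON report (`Results[].Vulnerabilities[]` with `Severity` and `FixedVersion`), and the helper names and sample report are constructed for illustration.

```python
import json
import subprocess
from collections import Counter

# Constructed sample in the shape of `trivy image --format json` output (not a real scan).
SAMPLE_REPORT = json.loads("""
{"ArtifactName": "example/app:1.0", "Results": [
  {"Target": "example/app:1.0 (alpine)", "Type": "alpine", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample", "InstalledVersion": "1.0",
     "FixedVersion": "1.1", "Severity": "CRITICAL"},
    {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother", "InstalledVersion": "2.0",
     "Severity": "HIGH"}]},
  {"Target": "app/requirements.txt", "Type": "pip", "Vulnerabilities": null}
]}
""")

def build_command(image_ref):
    """Build an argv list for trivy; no shell, and refuse refs that look like options."""
    if not image_ref or image_ref.startswith("-") or any(c.isspace() for c in image_ref):
        raise ValueError(f"refusing suspicious image reference: {image_ref!r}")
    return ["trivy", "image", "--scanners", "vuln", "--format", "json", image_ref]

def run_scan(image_ref, timeout=600):
    """Run trivy and return the parsed report (requires trivy on PATH)."""
    proc = subprocess.run(build_command(image_ref), capture_output=True,
                          text=True, timeout=timeout, check=True)
    return json.loads(proc.stdout)

def summarize(report):
    """Return (severity counts, list of findings that have a fixed version)."""
    counts, fixable = Counter(), []
    for result in report.get("Results") or []:
        # "Vulnerabilities" is absent or null for targets with no findings.
        for vuln in result.get("Vulnerabilities") or []:
            counts[vuln.get("Severity", "UNKNOWN")] += 1
            if vuln.get("FixedVersion"):
                fixable.append((vuln["VulnerabilityID"], vuln["PkgName"], vuln["FixedVersion"]))
    return counts, fixable

def gate(report, blocking=("CRITICAL",)):
    """Return 1 if any blocking severity is present, else 0 (mirrors --exit-code 1)."""
    counts, _ = summarize(report)
    return 1 if any(counts[s] for s in blocking) else 0

if __name__ == "__main__":
    counts, fixable = summarize(SAMPLE_REPORT)
    print(dict(counts), fixable, "exit", gate(SAMPLE_REPORT))
```

Gating in Python rather than with `--exit-code 1` keeps `check=True` meaningful: a non-zero exit from `trivy` then signals a scan failure, not a finding.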

References