creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-15 23:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/scanning-docker-images-with-trivy/references/api-reference.md
T
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal 
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

49 lines
1.6 KiB
Markdown
Raw Blame History

# API Reference: Scanning Docker Images with Trivy
## Trivy Scanner Types
| Scanner | Flag | Detects |
|---------|------|---------|
| Vulnerability | `--scanners vuln` | CVEs in OS packages and libraries |
| Misconfiguration | `--scanners misconfig` | Dockerfile/K8s misconfigs |
| Secret | `--scanners secret` | Hardcoded passwords, API keys |
| License | `--scanners license` | License compliance issues |
## Core Commands
| Command | Description |
|---------|-------------|
| `trivy image <ref>` | Scan Docker image |
| `trivy image --input <tar>` | Scan saved tar archive |
| `trivy image --format json` | JSON output |
| `trivy image --format sarif` | SARIF for GitHub Security |
| `trivy image --format cyclonedx` | CycloneDX SBOM |
| `trivy image --format spdx-json` | SPDX SBOM |
| `trivy image --exit-code 1 --severity CRITICAL` | Fail on critical |
| `trivy image --list-all-pkgs` | List all detected packages |
## Vulnerability Database Sources
| Source | Coverage |
|--------|----------|
| NVD | All ecosystems |
| GitHub Advisory Database | Open source packages |
| Alpine SecDB | Alpine Linux |
| Debian Security Tracker | Debian packages |
| Red Hat Security Data | RHEL/CentOS |
| Ubuntu CVE Tracker | Ubuntu packages |
## Python Libraries
| Library | Version | Purpose |
|---------|---------|---------|
| `subprocess` | stdlib | Execute trivy CLI |
| `json` | stdlib | Parse scan results |
| `pathlib` | stdlib | File path handling |
## References
- Trivy Documentation: https://trivy.dev/docs/
- Trivy GitHub: https://github.com/aquasecurity/trivy
- Aqua Security: https://www.aquasec.com/products/trivy/
Reference in New Issue View Git Blame Copy Permalink