Category: Development & Engineering
No API key required

security-scan-trivy

Scan dependencies/container vulnerabilities with Trivy and fix them in order of severity. Used for pre-release checks.

Author: jakexiaohubgithub

Trivy Security Scan

Instructions

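  • Target Critical/High findings first
  • For every exception (an accepted vulnerability), always record the reason and an expiry date
  • When integrating into CI, roll it out in stages: "warn first → then fail"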
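
One way to enforce the three rules above on a Trivy JSON report, as an added example that is not part of the original skill. The `gate` function, the exception-register fields and the sample data are assumptions constructed for illustration; the report keys follow Trivy's `--format json` output, and the vulnerability IDs are placeholders.

```python
import json
from datetime import date

SEVERITY_ORDER = ["CRITICAL", "HIGH"]  # first-pass scope from the instructions

# Constructed sample shaped like `trivy ... --format json` output; IDs are placeholders.
SAMPLE_REPORT = json.dumps({"Results": [{"Target": "package-lock.json", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libbaz", "Severity": "HIGH"},
    {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libbar", "Severity": "HIGH"},
    {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libfoo", "Severity": "CRITICAL"},
    {"VulnerabilityID": "CVE-0000-0004", "PkgName": "libqux", "Severity": "LOW"},
]}]})

# Hypothetical exception register: every entry must carry a reason and an expiry date.
SAMPLE_EXCEPTIONS = [
    {"id": "CVE-0000-0002", "reason": "vulnerable code path not reachable", "expires": "2030-01-01"},
    {"id": "CVE-0000-0003", "reason": "waiting for upstream fix", "expires": "2020-01-01"},
]

def active_exceptions(exceptions, today):
    """Return IDs of exceptions that are documented and not yet expired."""
    active = set()
    for exc in exceptions:
        if not exc.get("reason") or not exc.get("expires"):
            raise ValueError(f"exception {exc.get('id')} lacks a reason or expiry")
        if date.fromisoformat(exc["expires"]) >= today:
            active.add(exc["id"])
    return active

def gate(report_json, exceptions, mode, today):
    """Return (exit_code, findings), with findings sorted Critical first."""
    allowed = active_exceptions(exceptions, today)
    findings = []
    for result in json.loads(report_json).get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:  # key is absent when clean
            if vuln["Severity"] in SEVERITY_ORDER and vuln["VulnerabilityID"] not in allowed:
                findings.append(vuln)
    findings.sort(key=lambda v: SEVERITY_ORDER.index(v["Severity"]))
    # Stage 1 ("warn") reports but never breaks the build; stage 2 ("fail") does.
    exit_code = 1 if findings and mode == "fail" else 0
    return exit_code, findings

if __name__ == "__main__":
    code, found = gate(SAMPLE_REPORT, SAMPLE_EXCEPTIONS, "warn", date.today())
    for v in found:
        print(f"{v['Severity']:8} {v['VulnerabilityID']} {v['PkgName']}")
    raise SystemExit(code)
```

An expired exception stops suppressing its finding, so the accepted risk resurfaces in the report instead of staying hidden indefinitely.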