scanning-container-security

Solid

This skill enables Claude to scan container images and running containers for vulnerabilities using tools like Trivy and Snyk. It identifies potential security risks in container environments. Use this skill when the user requests a security assessment of a container image, asks to identify vulnerabilities in a container, or wants to improve the security posture of their containerized applications. Trigger terms include "scan container," "container security," "vulnerability assessment," "Trivy scan," or "Snyk scan."

AI & Automation 2,274 stars 319 forks Updated today MIT

Install

View on GitHub

Quality Score: 93/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

## Overview This skill empowers Claude to perform comprehensive security scans of container images and running containers. By leveraging industry-standard tools, it identifies vulnerabilities and provides insights for remediation, enhancing the overall security of containerized applications. ## How It Works 1. **Receiving Request**: Claude receives a user request to scan a container for vulnerabilities. 2. **Executing Scan**: Claude utilizes tools like Trivy or Snyk to perform the security scan on the specified container image or running container. 3. **Reporting Results**: Claude presents a detailed report of identified vulnerabilities, including severity levels and potential remediation steps. ## When to Use This Skill This skill activates when you need to: - Assess the security of a container image before deployment. - Identify vulnerabilities in a running container within a production environment. - Generate a security report for compliance purposes. ## Examples ### Example 1: Pre-Deployment Security Check User request: "Scan this Docker image for vulnerabilities before I deploy it: myapp:latest" The skill will: 1. Initiate a Trivy scan on the `myapp:latest` Docker image. 2. Return a report listing all identified vulnerabilities, their severity, and suggested fixes. ### Example 2: Runtime Container Security Assessment User request: "Scan the running container with ID abc123xyz for security vulnerabilities." The skill will: 1. Execute a Snyk scan on the contain...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI Docker · Infrastructure

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

scanning-for-vulnerabilities

This skill enables comprehensive vulnerability scanning using the vulnerability-scanner plugin. It identifies security vulnerabilities in code, dependencies, and configurations, including CVE detection. Use this skill when the user asks to scan for vulnerabilities, security issues, or CVEs in their project. Trigger phrases include "scan for vulnerabilities", "find security issues", "check for CVEs", "/scan", or "/vuln". The plugin performs static analysis, dependency checking, and configuration analysis to provide a detailed vulnerability report.

2,274 Updated today
jeremylongshore
AI & Automation Solid

container-security-scanner

Container image and Kubernetes security scanning for CVEs, misconfigurations, and compliance

1,160 Updated today
a5c-ai
AI & Automation Solid

scanning-input-validation-practices

This skill enables Claude to automatically scan source code for potential input validation vulnerabilities. It identifies areas where user-supplied data is not properly sanitized or validated before being used in operations, which could lead to security exploits like SQL injection, cross-site scripting (XSS), or command injection. Use this skill when the user asks to "scan for input validation issues", "check input sanitization", "find potential XSS vulnerabilities", or similar requests related to securing user input. It is particularly useful during code reviews, security audits, and when hardening applications against common web vulnerabilities. The skill leverages the input-validation-scanner plugin to perform the analysis.

2,274 Updated today
jeremylongshore
Web & Frontend Listed

managing-vulnerabilities

Implementing multi-layer security scanning (container, SAST, DAST, SCA, secrets), SBOM generation, and risk-based vulnerability prioritization in CI/CD pipelines. Use when building DevSecOps workflows, ensuring compliance, or establishing security gates for container deployments.

368 Updated 5 months ago
ancoleman
API & Backend Solid

performing-security-testing

This skill automates security vulnerability testing. It is triggered when the user requests security assessments, penetration tests, or vulnerability scans. The skill covers OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, authentication issues, and authorization flaws. Use this skill when the user mentions "security test", "vulnerability scan", "OWASP", "SQL injection", "XSS", "CSRF", "authentication", or "authorization" in the context of application or API testing.

2,274 Updated today
jeremylongshore