trivy_code_then_scan.mp4
This plugin starts a Model Context Protocol (MCP) server that integrates Trivy's security scanning capabilities with VS Code and other MCP-enabled tools.
- Natural Language Scanning: Ask questions about security issues in natural language
- Multiple Scan Types:
- Filesystem scanning for local projects
- Container image vulnerability scanning
- Remote repository security analysis
- Integration with Aqua Platform: Optional integration with Aqua Security's platform for enhanced scanning capabilities and assurance policy compliance
- Flexible Transport: Support for stdio, streamable HTTP, and SSE (Server-Sent Events) transport protocols
- IDE Integration: Seamless integration with VS Code, Cursor, JetBrains IDEs, and Claude Desktop
trivy plugin install mcptrivy mcpFor comprehensive documentation, please see the docs directory:
- Installation Guide
- Quick Start Guide
- Configuration Options
- IDE Integration
- Example Queries
- Authentication
After setting up the plugin and configuring your IDE, you can start asking security-related questions:
Are there any vulnerabilities or misconfigurations in this project?
For more examples, see the Example Queries page.
MIT License - see the LICENSE file for details.