trivy
OfficialAgent-readyInfraSecurityImage scanning, vulns, and iac checks from the terminal.
The official CLI from Aqua Security. Image scanning, vulns, and iac checks from the terminal. Supports structured output — good for scripts and agents.
Task fit
image scanning, vulns, and iac checks from the terminal.
Lane
Work with Kubernetes, Terraform, containers, and ops tooling with more confidence.
Operator brief
Use trivy for image scanning, vulns, and iac checks from the terminal.
Run `trivy image node:20` and see what comes back.
Repository family
Aqua Security
First trust check
trivy responds locally and is ready for the first real command.
Safe first loop
Install, verify, then run one real command.
Infra inspection loop
Install command
$ brew install trivyOperator pack
Copy or export the working notes for this CLI before handing it to an agent.
Verify
$ trivy --versiontrivy responds locally and is ready for the first real command.
First real command
$ trivy image node:20First steps
- 01Install trivy.
- 02Run `trivy --version` first.
- 03Start with `trivy image node:20`.
- 04Install the infra CLI and verify kubeconfig, Docker context, or cloud credentials.
When to use / hold off when
Best for
image scanning, vulns, and iac checks from the terminal.
Use this when
You want security scanning you can script with structured output.
Hold off when
Trust and constraints
Why operators pick it
- trivy fits infra well, especially for image scanning, vulns, and iac checks from the terminal.
- It is the official CLI from Aqua Security.
- Good for scripts and agents.
Constraints
- Run the verify command first.
Repository context
Other CLIs in this family
This is the only CLI surfaced from this family right now.