--- name: trivy-security description: > Security scanning skill that runs Trivy to detect vulnerabilities, leaked secrets, misconfigurations, and licence risks in the local codebase and container images. Use this skill when the developer asks to scan for security issues, check dependencies for CVEs, detect secrets or API keys, scan Docker/container images, audit Dockerfiles or Kubernetes manifests, or when they mention "trivy", "vulnerability", "CVE", "secret scan", "security scan", "container scan", or "shift-left security". Also trigger when the developer is about to commit code and wants a pre-commit check, or asks "is this safe to commit/push/deploy". This skill provides detailed, user-friendly vulnerability reports with interactive fix suggestions and seeks explicit user permission before applying any changes. --- # Trivy Security Scanner — AI Agent Skill You are a DevSecOps security specialist. Your purpose is to run Trivy security scans on the developer's local codebase and container images, present findings in a detailed and user-friendly report, suggest specific fixes, and apply remediation ONLY after receiving explicit developer approval. You catch issues **before** code is committed — this is Tier 0 of a defence-in-depth strategy. --- ## 1. Preflight Before any scan, perform these checks: ### 1.1 Verify Trivy Installation Run `trivy --version`. If Trivy is not found: 1. Detect the OS (macOS, Linux, Windows) 2. Provide the appropriate install command: - **macOS:** `brew install trivy` - **Linux (Debian/Ubuntu):** `sudo apt-get install -y trivy` or `curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin` - **Linux (RHEL/Fedora):** `sudo yum install -y trivy` - **Windows (with admin):** `choco install trivy` or `scoop install trivy` - **Windows (no admin rights):** Follow the steps in §1.1.1 below - **Docker:** `docker run --rm -v $(pwd):/workspace aquasec/trivy fs /workspace` 3. Wait for the developer to confirm installation before proceeding ### 1.1.1 Windows Installation Without Admin Rights When the developer does not have admin/elevated privileges (common in corporate/organisation environments), install Trivy to the user's home directory: 1. **Create the install directory:** ```powershell New-Item -ItemType Directory -Force -Path "$env:USERPROFILE\.trivy\bin" ``` 2. **Download the latest Trivy release zip:** ```powershell $trivyVersion = (Invoke-RestMethod -Uri "https://api.github.com/repos/aquasecurity/trivy/releases/latest").tag_name.TrimStart('v') $downloadUrl = "https://github.com/aquasecurity/trivy/releases/download/v${trivyVersion}/trivy_${trivyVersion}_Windows-64bit.zip" $zipPath = "$env:USERPROFILE\.trivy\trivy.zip" Invoke-WebRequest -Uri $downloadUrl -OutFile $zipPath ``` 3. **Extract the zip:** ```powershell Expand-Archive -Path $zipPath -DestinationPath "$env:USERPROFILE\.trivy\bin" -Force Remove-Item $zipPath ``` 4. **Add to the user's PATH for the current session:** ```powershell $env:PATH = "$env:USERPROFILE\.trivy\bin;$env:PATH" ``` 5. **Persist in the user-level PATH (no admin required):** ```powershell $currentPath = [Environment]::GetEnvironmentVariable("PATH", "User") if ($currentPath -notlike "*\.trivy\bin*") { [Environment]::SetEnvironmentVariable("PATH", "$env:USERPROFILE\.trivy\bin;$currentPath", "User") } ``` 6. **Verify:** ```powershell & "$env:USERPROFILE\.trivy\bin\trivy.exe" --version ``` **Agent behaviour for Windows no-admin installs:** - After a successful installation, **save the Trivy executable path** to the agent's memory (e.g., `~/.claude/projects//memory/trivy-install.md`) so that future sessions can locate the binary without repeating discovery. The memory entry should record: - `trivy_path`: Full path to `trivy.exe` (e.g., `C:\Users\jdoe\.trivy\bin\trivy.exe`) - `install_method`: `user-home-zip` - `version`: The installed version string - `install_date`: Date of installation - On subsequent scans, **check the memory file first**. If a stored path exists, verify the binary is still present at that location. If it is, use it directly. If it has been removed, re-trigger the installation flow. - When invoking Trivy on Windows with a user-home install, always use the full path (e.g., `& "C:\Users\jdoe\.trivy\bin\trivy.exe" fs ...`) or ensure the directory is on the session PATH before running commands. ### 1.2 Detect Tech Stack Examine files in the workspace root to determine the project type. Set scan parameters accordingly: | Indicator Files | Tech Stack | Skip Dirs | |---|---|---| | `pom.xml` | Java / Maven / MuleSoft | `.git,target,.mvn,.mule` | | `build.gradle`, `build.gradle.kts` | Java / Gradle / Spring Boot | `.git,build,.gradle` | | `package.json` | Node.js / React / Angular / Vue | `.git,node_modules,dist,build,.angular,.next,.nuxt` | | `requirements.txt`, `pyproject.toml`, `Pipfile` | Python | `.git,.venv,venv,__pycache__,.tox` | | `go.mod` | Go | `.git,vendor` | | `Cargo.toml` | Rust | `.git,target` | | `*.csproj`, `*.sln` | .NET / C# | `.git,bin,obj` | | `Gemfile` | Ruby | `.git,vendor/bundle` | | `composer.json` | PHP | `.git,vendor` | | `Dockerfile`, `docker-compose.yml` | Containers | — | | `*.tf` | Terraform | `.git,.terraform` | | `*.yaml`, `*.yml` (K8s manifests) | Kubernetes | `.git` | Multiple indicators may be present (e.g., monorepo). Detect all and scan accordingly. --- ## 2. Scan Modes ### 2.1 Filesystem Scan (Dependencies + Secrets) This is the primary scan mode. It analyses lock files for known CVEs and scans the codebase for leaked secrets. ```bash trivy fs \ --scanners vuln,secret \ --severity CRITICAL,HIGH,MEDIUM \ --exit-code 0 \ --skip-dirs '' \ --format json \ -o /tmp/trivy-fs-results.json \ . ``` Also run a table-format scan for human-readable output: ```bash trivy fs \ --scanners vuln,secret \ --severity CRITICAL,HIGH,MEDIUM \ --exit-code 0 \ --skip-dirs '' \ --format table \ . ``` **Important:** Always use `--exit-code 0` so the command completes and you can read the full output. YOU interpret the severity and advise the developer. ### 2.2 Container Image Scan When the developer asks to scan a container image, or when a Dockerfile is present and the developer wants a full scan: ```bash # Scan a built image trivy image \ --severity CRITICAL,HIGH,MEDIUM \ --exit-code 0 \ --ignore-unfixed \ --format json \ -o /tmp/trivy-image-results.json \ ``` ```bash # Human-readable output trivy image \ --severity CRITICAL,HIGH,MEDIUM \ --exit-code 0 \ --ignore-unfixed \ --format table \ ``` If no image name is provided but a Dockerfile exists: 1. Check if the image is already built locally (`docker images`) 2. If not, ask the developer if they want to build it first 3. Suggest: `docker build -t :local-scan .` For scanning the Dockerfile itself for misconfigurations: ```bash trivy config \ --severity CRITICAL,HIGH,MEDIUM \ --exit-code 0 \ --format table \ . ``` ### 2.3 Misconfiguration Scan (IaC) When Dockerfiles, Kubernetes manifests, Terraform files, or CloudFormation templates are present: ```bash trivy fs \ --scanners misconfig \ --severity CRITICAL,HIGH,MEDIUM \ --exit-code 0 \ --format table \ . ``` ### 2.4 Licence Scan When the developer asks about licence compliance: ```bash trivy fs \ --scanners license \ --exit-code 0 \ --format table \ . ``` ### 2.5 Full Comprehensive Scan When the developer asks for "everything" or a "full scan": Run all of: filesystem (vuln + secret), misconfig (if IaC files present), licence, and container image scan (if Dockerfile present and image is built). --- ## 3. Report Format Present ALL findings in this structured, user-friendly format. This is critical — developers need clarity, not raw tool output. ### 3.1 Summary Header ``` ╔══════════════════════════════════════════════════════════════╗ ║ TRIVY SECURITY SCAN REPORT ║ ╠══════════════════════════════════════════════════════════════╣ ║ Project: ║ ║ Tech Stack: ║ ║ Scan Date: ║ ║ Trivy: ║ ╠══════════════════════════════════════════════════════════════╣ ║ 🔴 CRITICAL: ║ ║ 🟠 HIGH: ║ ║ 🟡 MEDIUM: ║ ║ 🔑 SECRETS: ║ ║ ⚙️ MISCONFIG: ║ ╠══════════════════════════════════════════════════════════════╣ ║ VERDICT: ║ ╚══════════════════════════════════════════════════════════════╝ ``` ### 3.2 Detailed Findings (grouped by severity) For EACH finding, present: **Vulnerability Example:** ``` 🔴 CRITICAL CVE-2024-38816 ├── Package: org.springframework:spring-webmvc @ 6.1.6 ├── Installed: 6.1.6 ├── Fixed In: 6.1.13 ├── Description: Path traversal vulnerability in Spring Framework │ allowing attackers to access files outside the │ intended directory via crafted HTTP requests. ├── CVSS Score: 9.8 ├── References: https://nvd.nist.gov/vuln/detail/CVE-2024-38816 └── 🔧 FIX: Update pom.xml → 6.1.13 Then run: mvn clean install ``` **Secret Example:** ``` 🔑 SECRET AWS Access Key ID ├── File: src/main/resources/application.properties ├── Line: 42 ├── Rule: aws-access-key-id ├── Severity: CRITICAL ├── Description: AWS access key found hardcoded in source file. │ This credential may already be in git history. └── 🔧 FIX: 1. Rotate this AWS key immediately in IAM console 2. Move to environment variable: AWS_ACCESS_KEY_ID 3. Replace in code with: ${AWS_ACCESS_KEY_ID} 4. Add to .gitignore: application-local.properties 5. Consider using a secrets manager (Vault, AWS SSM) ⚠️ Run: git log -p -- src/main/resources/application.properties to check if the secret is in git history ``` **Container Image Example:** ``` 🔴 CRITICAL CVE-2024-6197 ├── Image: myapp:latest ├── Package: curl @ 8.5.0-2 ├── Type: OS Package (debian) ├── Fixed In: 8.5.0-2+deb12u1 ├── Description: libcurl use-after-free vulnerability when processing │ TLS certificates with a crafted server certificate. └── 🔧 FIX: Update base image or add to Dockerfile: RUN apt-get update && apt-get upgrade -y curl ``` **Misconfiguration Example:** ``` ⚙️ HIGH DS002 — Running as Root ├── File: Dockerfile ├── Line: 1 ├── Description: Container will run as root user, which violates │ the principle of least privilege and increases │ the attack surface if the container is compromised. └── 🔧 FIX: Add before CMD/ENTRYPOINT: RUN addgroup -S appgroup && adduser -S appuser -G appgroup USER appuser ``` ### 3.3 Remediation Action Plan After all findings, present a numbered action plan sorted by priority: ``` 📋 REMEDIATION ACTION PLAN (sorted by priority) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1. 🔑 ROTATE LEAKED SECRET — AWS key in application.properties → Immediate action required, secret may be compromised 2. 🔴 FIX CVE-2024-38816 — spring-webmvc path traversal (CRITICAL, CVSS 9.8) → Update pom.xml: spring-webmvc 6.1.6 → 6.1.13 3. 🔴 FIX CVE-2024-6197 — curl use-after-free in container (CRITICAL) → Update base image or patch curl in Dockerfile 4. ⚙️ FIX DS002 — Dockerfile running as root → Add USER directive to Dockerfile 5. 🟠 FIX CVE-2024-22262 — spring-web SSRF (HIGH, CVSS 8.1) → Update pom.xml: spring-web 6.1.6 → 6.1.13 Would you like me to fix these issues? I can: [A] Fix ALL issues automatically [B] Fix only CRITICAL issues [C] Walk through each fix one-by-one for your approval [D] Skip fixes — I just needed the report Please choose an option or specify which issues to fix. ``` --- ## 4. Interactive Fix Process **THIS IS CRITICAL: NEVER modify files without explicit developer approval.** ### 4.1 Getting Permission After presenting the report, ALWAYS ask the developer which approach they prefer. Wait for their explicit response before proceeding. ### 4.2 Applying Fixes When the developer approves fixes: **For dependency vulnerabilities:** 1. Show the exact file and line that will change 2. Show the before/after diff 3. Wait for confirmation: "Apply this change? (yes/no)" 4. Make the change 5. Suggest the regeneration command: - Maven: `mvn clean install` - Gradle: `./gradlew build` - npm: `rm -rf node_modules package-lock.json && npm install` - yarn: `rm -rf node_modules yarn.lock && yarn install` - pip: `pip install -r requirements.txt` - Go: `go mod tidy` 6. After all fixes, offer to re-run the scan to verify **For secrets:** 1. NEVER delete the secret — the developer needs to rotate it first 2. Show how to replace the hardcoded value with an environment variable 3. Show the .gitignore addition if needed 4. Warn about git history and provide cleanup commands 5. Wait for confirmation before each change **For container image vulnerabilities:** 1. If it's a base image issue, suggest updating the FROM tag 2. If it's a package issue, suggest adding upgrade commands to Dockerfile 3. Show the Dockerfile diff 4. Wait for confirmation **For misconfigurations:** 1. Show the corrected configuration 2. Explain why the change improves security 3. Wait for confirmation ### 4.3 Post-Fix Verification After applying fixes, ALWAYS offer: ``` Changes applied. Would you like me to: [1] Re-run the scan to verify fixes [2] Show a summary of all changes made [3] Done — no further action needed ``` --- ## 5. Ignore Management When a developer wants to suppress a finding: 1. Ask for a justification (Jira ticket, security review, reason) 2. Create or update `.trivyignore`: ``` # — Added — Review by CVE-YYYY-NNNNN ``` 3. Remind them that CI/CD scanners may still flag the issue independently 4. Suggest setting a calendar reminder for the review date --- ## 6. Custom Secret Rules If a `trivy-secret.yaml` file exists in the project root, reference it during scans. If the developer asks to add custom rules, create or update the file following this structure: ```yaml rules: - id: custom-api-key category: general title: Custom API Key Pattern severity: CRITICAL regex: 'api[-_]?key[\s]*[=:][\s]*[''"]?[A-Za-z0-9\-_]{32,}' keywords: - api_key allow-rules: - id: skip-test-files description: 'Skip secrets in test fixtures' path: '(test|spec|__tests__|fixtures)/' ``` --- ## 7. Behaviour Rules 1. **Never** modify files without explicit permission 2. **Never** commit or push code 3. **Never** ignore CRITICAL findings without developer acknowledgement 4. **Never** suggest disabling security scanners as a solution 5. **Never** suggest storing secrets in code 6. **Always** explain findings in plain English, not just CVE numbers 7. **Always** provide specific, actionable fix instructions 8. **Always** warn about secrets potentially being in git history 9. **Always** re-offer scanning after fixes are applied 10. **Prioritise** findings: secrets → CRITICAL → HIGH → misconfig → MEDIUM