🛡️ Sca Trivy
This skill performs comprehensive SCA and vulnerability scanning with Trivy, generating SBOMs and actionable remediation guidance for secure CI/CD.
npx playbooks add skill rohunj/claude-build-workflow --skill sca-trivy
About Sca Trivy
This skill performs comprehensive SCA and vulnerability scanning with Trivy, generating SBOMs and actionable remediation guidance for secure CI/CD.
The 19-word prompt provides structured security guidance — covering detailed methodology and consistent output formats. Install it in one command.
Use Cases
- Auditing code for OWASP Top 10 vulnerabilities
- Implementing authentication and authorization patterns
- Reviewing API security, rate limiting, and input validation
- Hardening infrastructure and dependency security
Example Prompts
System Prompt (19 words)
This skill performs comprehensive SCA and vulnerability scanning with Trivy, generating SBOMs and actionable remediation guidance for secure CI/CD.
Frequently Asked Questions
What is Sca Trivy?
Sca Trivy is a free security skill for AI coding agents. This skill performs comprehensive SCA and vulnerability scanning with Trivy, generating SBOMs and actionable remediation guidance for secure CI/CD.. It provides a specialized system prompt that configures your agent with security expertise.
How do I use Sca Trivy with Claude Code?
Run npx playbooks add skill rohunj/claude-build-workflow --skill sca-trivy in your terminal to install Sca Trivy into your Claude Code session. It works immediately after installation.
Which AI coding agents work with Sca Trivy?
Sca Trivy is compatible with Claude Code, Cursor, GitHub Copilot, Windsurf, OpenClaw, Cline, and any AI agent that supports custom system prompts or .cursorrules files.
Is Sca Trivy free to use?
Yes, Sca Trivy is completely free and open source. The full source is available on GitHub at https://github.com/rohunj/claude-build-workflow/tree/main/skills/security/sca-trivy. You only need a subscription to the AI agent you use it with.
