
Trivy for dependency, container, IaC, and SBOM scanning

Scan code, containers, dependencies, Kubernetes manifests, and SBOMs with machine-readable reports.

Agent Readiness: 84/100 · Verified publisher · Actively maintained

Trivy is useful for security-oriented agent workflows when scans stay report-first and remediation requires approval.

Structured output 88/100

Supports machine-readable scan output suitable for agent summaries and CI reports.

Non-interactive use 88/100

Can run in shell, CI, or agent sessions without prompts for common scanning tasks.

Safety boundaries 76/100

Scanning is generally safe, but remediation, ignore rules, and policy changes require review.

Agent docs 82/100

Help output and documented examples are sufficient for building AGENTS.md command rules.

Install options

Homebrew $ brew install trivy
Docker $ docker run --rm -v "$PWD:/project" aquasec/trivy fs /project

Common commands

Scan filesystem · safe $ trivy fs --format json --output trivy.json .

Scans dependencies and IaC files and writes JSON output.

Scan container image · safe $ trivy image --format json --output image-scan.json node:22

Scans a container image for vulnerabilities.

Apply remediation · requires review $ npm update && npm audit fix

Remediation changes dependencies and should require review.

Agent usage examples

Claude Code / Codex CLI: Use Trivy to scan and summarize findings. Prefer JSON/SARIF output. Do not edit ignore rules, update dependencies, or delete files without approval.

Safety notes

  • Run scans in read-only/report mode before allowing an agent to modify files or suppress findings.
  • Treat ignore-file edits, policy changes, dependency updates, and destructive cleanup as approval-required.
  • Prefer JSON or SARIF output so the agent can cite exact findings instead of paraphrasing terminal text.

Agent workflow

Use Trivy to generate a report before dependency or container changes. Ask the agent to rank findings by severity, package, fixed version, and whether the fix is safe to automate.
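One way to do that ranking over a `trivy fs --format json` report, as an added Python example that is not part of this page or of the Trivy project. The sample report, its package names and its CVE-style IDs are constructed placeholders, and the "fix stays within the installed major version" rule for an automation candidate is this example's own heuristic, not a Trivy feature; the final decision still belongs to a reviewer.

```python
import json

# Constructed sample in Trivy's JSON report layout (Results[].Vulnerabilities[]).
# Package names, versions and vulnerability IDs are placeholders, not real findings.
SAMPLE_REPORT = json.dumps({"SchemaVersion": 2, "ArtifactName": ".", "Results": [{
    "Target": "package-lock.json", "Class": "lang-pkgs", "Type": "npm",
    "Vulnerabilities": [
        {"VulnerabilityID": "CVE-0000-0001", "PkgName": "example-parser",
         "InstalledVersion": "1.2.0", "FixedVersion": "1.2.5", "Severity": "HIGH"},
        {"VulnerabilityID": "CVE-0000-0002", "PkgName": "example-server",
         "InstalledVersion": "2.0.1", "FixedVersion": "3.0.0", "Severity": "CRITICAL"},
        {"VulnerabilityID": "CVE-0000-0003", "PkgName": "example-util",
         "InstalledVersion": "0.9.0", "FixedVersion": "", "Severity": "MEDIUM"},
    ]}]})

SEVERITY_RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3, "UNKNOWN": 4}


def classify(installed: str, fixed: str) -> str:
    """Heuristic used here (an assumption of this example): no FixedVersion means
    no upgrade path from the scanner, a fix within the installed major version is
    an automation candidate, and a major-version jump needs human review."""
    if not fixed:
        return "no-fix"
    same_major = installed.split(".")[0] == fixed.split(".")[0]
    return "auto-candidate" if same_major else "review"


def rank_findings(report_json: str) -> list[dict]:
    """Flatten a Trivy JSON report into findings ordered by severity, then package."""
    findings = []
    for result in json.loads(report_json).get("Results", []):
        # Trivy omits or nulls "Vulnerabilities" for targets with no findings.
        for v in result.get("Vulnerabilities") or []:
            fixed = v.get("FixedVersion", "")
            findings.append({
                "id": v["VulnerabilityID"], "target": result.get("Target", ""),
                "package": v["PkgName"], "installed": v["InstalledVersion"],
                "fixed": fixed, "severity": v.get("Severity", "UNKNOWN"),
                "action": classify(v["InstalledVersion"], fixed),
            })
    findings.sort(key=lambda f: (SEVERITY_RANK.get(f["severity"], 4), f["package"]))
    return findings


if __name__ == "__main__":
    for f in rank_findings(SAMPLE_REPORT):
        print(f"{f['severity']:<8} {f['package']:<16} {f['installed']} -> {f['fixed'] or '(none)'}  {f['action']}")
```

Replace `SAMPLE_REPORT` with the contents of `trivy.json` to rank a real scan; the `action` column is what the agent should report, not act on.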

Approval boundary

Dependency upgrades, image rebuilds, and policy changes should be proposed, not executed automatically.