Comprehensive security scanner for containers.
## Trivy MCP Server: Comprehensive Vulnerability Scanner

The **Trivy MCP Server** integrates Aqua Security's all-in-one scanner into Google Antigravity, enabling vulnerability detection in containers, filesystems, Git repositories, and Kubernetes clusters with detailed CVE analysis.

### Why Trivy MCP?

- **All-in-one scanner** - Containers, filesystems, repos, and more
- **Fast and accurate** - Quick scans with minimal false positives
- **CI/CD friendly** - Easy integration into build pipelines
- **Offline capable** - Download the vulnerability DB for air-gapped environments
- **Multiple formats** - Output in JSON, table, SARIF, and more

### Key Features

#### 1. Container Scanning

```python
# Scan a container image, keeping only CRITICAL and HIGH findings and
# skipping vulnerabilities that have no fixed version available yet
scan = await mcp.call("trivy", "image", {
    "image": "myapp:latest",
    "severity": ["CRITICAL", "HIGH"],
    "ignore_unfixed": True
})

print(f"Vulnerabilities: {scan['total']}")
for vuln in scan["vulnerabilities"]:
    print(f"[{vuln['severity']}] {vuln['vulnerability_id']}")
    print(f"  Package: {vuln['pkg_name']}@{vuln['installed_version']}")
    print(f"  Fix: {vuln['fixed_version']}")
```

#### 2. Filesystem Scanning

```python
# Scan a project directory for vulnerable packages, leaked secrets
# and misconfigurations, skipping a cache directory that is not shipped
fs_scan = await mcp.call("trivy", "filesystem", {
    "path": "/app",
    "scanners": ["vuln", "secret", "misconfig"],
    "skip_dirs": ["node_modules/.cache"]
})

# Report any secrets found, with the file and line where they occur
for secret in fs_scan.get("secrets", []):
    print(f"Secret found: {secret['category']}")
    print(f"  File: {secret['target']}:{secret['line']}")
```

#### 3. Kubernetes Scanning

```python
# Scan the workloads running in a cluster context and namespace
k8s_scan = await mcp.call("trivy", "kubernetes", {
    "context": "production",
    "namespace": "default",
    "report": "all"
})

# Findings are grouped per Kubernetes resource (kind/name)
for resource in k8s_scan["results"]:
    print(f"{resource['kind']}/{resource['name']}")
    for issue in resource["vulnerabilities"]:
        print(f"  - {issue['id']}: {issue['severity']}")
```

#### 4. SBOM Generation

```python
# Generate a software bill of materials for an image in CycloneDX format
sbom = await mcp.call("trivy", "sbom", {
    "image": "myapp:latest",
    "format": "cyclonedx"
})

# Scan an existing SBOM file for known vulnerabilities
sbom_scan = await mcp.call("trivy", "sbom_scan", {
    "sbom_path": "/path/to/sbom.json"
})
```

### Configuration

```json
{
  "mcpServers": {
    "trivy": {
      "command": "npx",
      "args": ["-y", "@anthropic/mcp-trivy"],
      "env": {
        "TRIVY_CACHE_DIR": "/var/cache/trivy",
        "TRIVY_DB_REPOSITORY": "ghcr.io/aquasecurity/trivy-db"
      }
    }
  }
}
```

### Use Cases

- **CI/CD Gates**: Block deployments with critical vulnerabilities.
- **Container Registry**: Scan images before pushing to production.
- **Compliance**: Generate an SBOM for software supply chain requirements.
- **Runtime Monitoring**: Continuously scan running Kubernetes clusters.

The Trivy MCP Server provides comprehensive security scanning for modern infrastructure.
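The container-scanning snippet above lists findings; the CI/CD Gates use case asks for a pass/fail decision on them. The following is an added example, not code from the page or from the Trivy project, showing a severity gate over a Trivy report. It assumes the report follows Trivy's own JSON output schema (`Results[].Vulnerabilities[]` with `VulnerabilityID`, `PkgName`, `InstalledVersion`, `FixedVersion` and `Severity`), as written by `trivy image --format json`. The sample report, package versions and CVE identifiers embedded in it are constructed placeholders. The `ignore_unfixed` parameter mirrors the `ignore_unfixed` option used in the snippet above: unfixed findings are still counted, but do not block the build.

```python
"""
Severity gate over a Trivy JSON report (added example; not from the page).

Assumes Trivy's JSON output schema: Results[].Vulnerabilities[] with
VulnerabilityID, PkgName, InstalledVersion, FixedVersion and Severity.
The report below is constructed; its CVE identifiers are placeholders.
"""
import json
from collections import Counter

# Trivy's severity levels, weakest first; the index doubles as the rank.
SEVERITY_ORDER = ["UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL"]

# Constructed sample report in Trivy's JSON shape (placeholder CVE ids).
SAMPLE_REPORT = json.dumps({
    "SchemaVersion": 2,
    "ArtifactName": "myapp:latest",
    "Results": [
        {
            "Target": "myapp:latest (alpine 3.18)",
            "Class": "os-pkgs",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-0000-0001", "PkgName": "openssl",
                 "InstalledVersion": "3.1.0-r0", "FixedVersion": "3.1.4-r0",
                 "Severity": "CRITICAL"},
                {"VulnerabilityID": "CVE-0000-0002", "PkgName": "busybox",
                 "InstalledVersion": "1.36.0-r0", "FixedVersion": "",
                 "Severity": "HIGH"},
            ],
        },
        {
            "Target": "app/requirements.txt",
            "Class": "lang-pkgs",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-0000-0003", "PkgName": "requests",
                 "InstalledVersion": "2.25.0", "FixedVersion": "2.31.0",
                 "Severity": "MEDIUM"},
            ],
        },
        # A clean target carries no Vulnerabilities key at all.
        {"Target": "app/Dockerfile", "Class": "config"},
    ],
})


def severity_rank(severity):
    """Map a severity string to its rank; unrecognised values rank as UNKNOWN."""
    try:
        return SEVERITY_ORDER.index(severity.upper())
    except ValueError:
        return 0


def iter_vulnerabilities(report):
    """Yield (target, vulnerability) pairs across every result section."""
    for result in report.get("Results", []):
        # Trivy omits the key, or emits null, when a target has no findings.
        for vuln in result.get("Vulnerabilities") or []:
            yield result.get("Target", ""), vuln


def evaluate_gate(report, fail_on="HIGH", ignore_unfixed=True):
    """Decide whether a build passes.

    A finding blocks the build when its severity is at or above `fail_on`.
    With `ignore_unfixed`, findings that have no FixedVersion are counted
    but never block, matching Trivy's --ignore-unfixed behaviour.
    """
    threshold = severity_rank(fail_on)
    counts = Counter()
    blocking = []
    for target, vuln in iter_vulnerabilities(report):
        severity = vuln.get("Severity", "UNKNOWN").upper()
        counts[severity] += 1
        if ignore_unfixed and not vuln.get("FixedVersion"):
            continue
        if severity_rank(severity) >= threshold:
            blocking.append({
                "id": vuln.get("VulnerabilityID"),
                "severity": severity,
                "package": f"{vuln.get('PkgName')}@{vuln.get('InstalledVersion')}",
                "fixed_version": vuln.get("FixedVersion") or None,
                "target": target,
            })
    return {"passed": not blocking, "blocking": blocking, "counts": dict(counts)}


def load_report(text):
    """Parse a Trivy JSON report held in a string (e.g. read from --output)."""
    return json.loads(text)


if __name__ == "__main__":
    verdict = evaluate_gate(load_report(SAMPLE_REPORT), fail_on="HIGH")
    print("severity counts:", verdict["counts"])
    for finding in verdict["blocking"]:
        print(f"BLOCK [{finding['severity']}] {finding['id']} "
              f"{finding['package']} -> fix {finding['fixed_version']} "
              f"({finding['target']})")
    # Non-zero exit fails the pipeline step that runs this gate.
    raise SystemExit(0 if verdict["passed"] else 1)
```

Run against the constructed report with the defaults, the gate blocks on the fixable CRITICAL finding only: the HIGH finding has no fixed version and is skipped under `ignore_unfixed`, while the MEDIUM one sits below the threshold. Setting `ignore_unfixed=False` makes the unfixed HIGH finding block as well, which is the stricter policy to prefer when an image must not ship known-exploitable packages regardless of whether a patch exists yet.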