Trivy Container & IaC Vulnerability Scanner
Runs Aqua Security Trivy against container images, filesystem paths, and Terraform/CloudFormation templates. Produces vulnerability matrices with CVSS scoring and fix-version recommendations.
npx skills add agentskillexchange/skills --skill trivy-container-iac-vulnerability-scanner
This skill wraps Aqua Security's Trivy scanner for vulnerability detection across several artifact types. It scans container images pulled from registries, optionally through Trivy's client/server mode so that the vulnerability database lives on one server rather than on every client, and reports both OS package vulnerabilities (apk, dpkg, rpm) and language-specific dependency vulnerabilities (npm, pip, Go modules, and so on) found in the image layers.

For infrastructure-as-code, it scans Terraform HCL files, CloudFormation templates, and Kubernetes manifests with Trivy's built-in misconfiguration checks, which cover CIS benchmark items and AWS/Azure/GCP hardening guidance, and it accepts custom OPA Rego policies for organization-specific rules. Secret detection scans source and configuration files for exposed credentials, API keys, and tokens; license scanning flags restrictive licenses in dependency trees.

The agent parses Trivy's JSON output into a prioritized vulnerability matrix ordered by CVSS score, exploitability metrics from the CVSS vector, and whether a fixed version is available, so that the first items on the list are the ones that are both most severe and actually fixable. Findings can be pushed to a vulnerability management platform such as DefectDojo to track remediation across releases.
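The following is an added example, not code from the skill or from Trivy, showing how the "prioritized vulnerability matrix" step can be done over Trivy's JSON report format (SchemaVersion 2). The report embedded below is constructed to match the shape Trivy emits, with placeholder CVE and check identifiers; it is not real scan output. Three details a practitioner hits immediately are handled here: Trivy writes `null` rather than `[]` for a clean target, `FixedVersion` is simply absent when no fix is published, and the `CVSS` object carries one score per data source (nvd, redhat, ...) so the ranking must pick a policy (this example takes the highest V3 score). Results of class `config` carry `Misconfigurations` instead of `Vulnerabilities` and are counted separately. The version-comparison helper is a deliberately simple assumption, not a distro-accurate comparator.

```python
"""Turn a Trivy JSON report into a prioritized vulnerability matrix and per-package fix targets."""
import json
import re
import sys
from collections import Counter

# Constructed sample in the shape of Trivy's JSON report (SchemaVersion 2).
# NOT real scan output; the CVE-0000-* and AVD-0000-* identifiers are placeholders.
SAMPLE_REPORT = json.dumps({
    "SchemaVersion": 2, "ArtifactName": "example.invalid/app:1.0", "ArtifactType": "container_image",
    "Results": [
        {"Target": "example.invalid/app:1.0 (alpine 3.18.0)", "Class": "os-pkgs", "Type": "alpine",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libssl3", "InstalledVersion": "3.1.0-r0",
              "FixedVersion": "3.1.4-r0", "Severity": "HIGH",
              "CVSS": {"nvd": {"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5},
                       "redhat": {"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9}}},
             {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libssl3", "InstalledVersion": "3.1.0-r0",
              "FixedVersion": "3.1.2-r0", "Severity": "MEDIUM",
              "CVSS": {"nvd": {"V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7}}},
             {"VulnerabilityID": "CVE-0000-0003", "PkgName": "busybox", "InstalledVersion": "1.36.0-r0",
              "Severity": "CRITICAL",  # no FixedVersion key: no fix published yet
              "CVSS": {"nvd": {"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8}}},
         ]},
        {"Target": "app/package-lock.json", "Class": "lang-pkgs", "Type": "npm",
         "Vulnerabilities": None},  # Trivy emits null, not [], for a clean target
        {"Target": "main.tf", "Class": "config", "Type": "terraform",
         "Misconfigurations": [{"ID": "AVD-0000-0000", "Title": "placeholder check",
                                "Severity": "HIGH", "Status": "FAIL"}]},
    ],
})

SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1, "UNKNOWN": 0}


def best_cvss(vuln):
    """Highest CVSS v3 base score across the sources Trivy reports; None if no source scored it."""
    scores = [src.get("V3Score") for src in (vuln.get("CVSS") or {}).values()]
    scores = [float(s) for s in scores if s is not None]
    return max(scores) if scores else None


def network_reachable(vuln):
    """True if any reported CVSS v3 vector has Attack Vector = Network (AV:N)."""
    return any("AV:N" in (src.get("V3Vector") or "").split("/")
               for src in (vuln.get("CVSS") or {}).values())


def build_matrix(report_json):
    """Flatten every Vulnerabilities entry into rows, ordered worst-first:
    CVSS desc, then Trivy severity, then network-reachable first, then fixable first."""
    rows = []
    for result in json.loads(report_json).get("Results", []):
        for v in result.get("Vulnerabilities") or []:   # 'or []' absorbs Trivy's null
            rows.append({
                "id": v["VulnerabilityID"], "target": result.get("Target", ""),
                "pkg": v.get("PkgName", ""), "installed": v.get("InstalledVersion", ""),
                "fixed": v.get("FixedVersion") or "",    # "" means no fix published
                "severity": v.get("Severity", "UNKNOWN").upper(),
                "cvss": best_cvss(v), "network": network_reachable(v),
            })
    rows.sort(key=lambda r: (-(r["cvss"] if r["cvss"] is not None else -1),
                             -SEVERITY_RANK.get(r["severity"], 0),
                             not r["network"], r["fixed"] == "", r["id"]))
    return rows


def _version_key(v):
    # Assumption: numeric-aware token comparison is enough for the sample. Real packaging
    # rules (apk, dpkg, rpm, semver) differ; use a distro-aware comparator in production.
    return [(0, int(t)) if t.isdigit() else (1, t) for t in re.split(r"(\d+)", v)]


def fix_recommendations(rows):
    """One upgrade target per (target, package): the highest FixedVersion among its findings,
    so a single bump closes every fixable finding. None when no finding has a fix."""
    by_pkg = {}
    for r in rows:
        by_pkg.setdefault((r["target"], r["pkg"]), []).append(r)
    return {key: (max(f, key=_version_key) if (f := [r["fixed"] for r in items if r["fixed"]]) else None)
            for key, items in by_pkg.items()}


def summarize(report_json):
    """Headline counts: total findings, how many are fixable, severity breakdown, failed IaC checks."""
    rows = build_matrix(report_json)
    failed = sum(1 for res in json.loads(report_json).get("Results", [])
                 for m in res.get("Misconfigurations") or [] if m.get("Status") == "FAIL")
    return {"total": len(rows), "fixable": sum(1 for r in rows if r["fixed"]),
            "by_severity": dict(Counter(r["severity"] for r in rows)), "failed_misconfigs": failed}


if __name__ == "__main__":
    # Pass a path to a real report (trivy image --format json -o report.json IMAGE) or use the sample.
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    for r in build_matrix(data):
        print(f'{r["cvss"]!s:>5} {r["severity"]:<8} {r["id"]:<16} {r["pkg"]:<10} '
              f'{r["installed"]} -> {r["fixed"] or "NO FIX"}{"  [net]" if r["network"] else ""}')
    print(summarize(data))
    print(fix_recommendations(build_matrix(data)))
```

Generate the input with `trivy image --format json -o report.json IMAGE` (or the equivalent `trivy fs` / `trivy config` invocation for filesystem and IaC targets) and pass the file path as the first argument. Taking the highest score across sources is a conservative choice; a distro's own score (for example `redhat`) is often lower because it reflects that distro's build, so an organization that trusts vendor scoring may prefer it, but the choice should be explicit rather than whichever key happens to come first.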