
Trivy Container Image Vulnerability Scanner

Scans Docker and OCI container images with Aqua Trivy for CVEs in OS packages and language dependencies. Outputs filterable vulnerability tables with CVSS scores and fix versions.

Security & Verification / Claude Code / Security Reviewed
Install with any agent:
npx skills add agentskillexchange/skills --skill trivy-container-image-vulnerability-scanner

The Trivy Container Image Vulnerability Scanner wraps the Aqua Security Trivy CLI to perform vulnerability analysis of container images. It pulls remote images or references images already present in the local Docker daemon or an OCI layout, and scans both OS-level packages (Alpine apk, Debian/Ubuntu dpkg, RHEL rpm) and application dependencies (npm, pip, Go modules, Java Maven) found inside the image. Each detected CVE is reported with its CVSS v3.1 score, an EPSS exploitation-probability score where one is available (EPSS estimates the likelihood of exploitation in the wild, not whether a public exploit exists), and the fixed version if the distribution or upstream has published one.

The skill supports custom severity thresholds: a policy such as "fail on any HIGH or CRITICAL" turns the scan into a CI gate, and unfixed findings can be excluded so the gate only fails on vulnerabilities the team can actually remediate. Because Trivy records the image layer that introduced each package, every finding is attributed to the layer, and therefore the Dockerfile instruction, that added the vulnerable package. Note that in a multi-stage build only the final stage's layers are present in the image, so packages confined to earlier build stages are not scanned unless those intermediate images are scanned separately. Output formats include JSON, SARIF (for upload to code-scanning dashboards), and a human-readable Markdown table. Vulnerability data comes from Trivy's own database, which aggregates NVD, the GitHub Advisory Database, and vendor feeds such as the Red Hat Security Data API, so results reflect distribution-specific backports rather than NVD's upstream version ranges alone.
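The gate and the table described above, as an added example that is not part of the skill or of Trivy: a Python script that reads the JSON report Trivy writes with `trivy image --format json --output report.json IMAGE` (those flags are Trivy's; the script is ours), applies a severity threshold, optionally drops findings with no fix version, and renders a Markdown table with CVSS score, fix version, and the layer that introduced the package. The embedded report is constructed sample data in the shape of Trivy's JSON schema: the CVE identifiers, package names, image name and layer digests are placeholders, not real advisories, and the third result shows the case where Trivy omits the `Vulnerabilities` key entirely for a clean target.

```python
"""Gate a Trivy JSON report on a severity threshold and render it as Markdown.

Added example, not part of Trivy or of the skill. Produce the input with
    trivy image --format json --output report.json IMAGE
then run:  python trivy_gate.py report.json HIGH
"""
import json
import sys

# Trivy's severity labels, ranked so a threshold can be compared numerically.
SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed sample in the shape of Trivy's JSON schema v2. CVE IDs, package
# names, the image name and the (shortened) DiffIDs are placeholders.
SAMPLE_REPORT = json.loads(r"""
{
  "SchemaVersion": 2,
  "ArtifactName": "registry.example/app:1.0",
  "ArtifactType": "container_image",
  "Results": [
    {
      "Target": "registry.example/app:1.0 (alpine 3.18.0)",
      "Class": "os-pkgs", "Type": "alpine",
      "Vulnerabilities": [
        {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample-tls",
         "InstalledVersion": "3.1.0-r0", "FixedVersion": "3.1.1-r0", "Severity": "CRITICAL",
         "Layer": {"DiffID": "sha256:aaaaaaaaaaaa000000000000"},
         "CVSS": {"nvd": {"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8}}},
        {"VulnerabilityID": "CVE-0000-0002", "PkgName": "example-shell",
         "InstalledVersion": "1.36.0-r0", "Severity": "MEDIUM",
         "Layer": {"DiffID": "sha256:aaaaaaaaaaaa000000000000"},
         "CVSS": {"nvd": {"V3Score": 5.3}}}
      ]
    },
    {
      "Target": "usr/src/app/package-lock.json",
      "Class": "lang-pkgs", "Type": "npm",
      "Vulnerabilities": [
        {"VulnerabilityID": "CVE-0000-0003", "PkgName": "example-parser",
         "InstalledVersion": "4.17.20", "FixedVersion": "4.17.21", "Severity": "HIGH",
         "Layer": {"DiffID": "sha256:bbbbbbbbbbbb000000000000"},
         "CVSS": {"ghsa": {"V3Score": 7.2}, "nvd": {"V3Score": 7.4}}},
        {"VulnerabilityID": "CVE-0000-0004", "PkgName": "example-template",
         "InstalledVersion": "0.1.0", "Severity": "HIGH",
         "Layer": {"DiffID": "sha256:bbbbbbbbbbbb000000000000"}}
      ]
    },
    {"Target": "Node.js", "Class": "lang-pkgs", "Type": "node-pkg"}
  ]
}
""")


def cvss_v3_score(vuln):
    """Pick a CVSS v3 base score, preferring NVD, then any other source Trivy carried."""
    cvss = vuln.get("CVSS") or {}
    for source in ("nvd", *sorted(cvss)):
        score = (cvss.get(source) or {}).get("V3Score")
        if score is not None:
            return float(score)
    return None  # no source scored it (common for fresh or distro-only advisories)


def iter_findings(report):
    """Flatten Results[].Vulnerabilities[] into one flat dict per finding."""
    for result in report.get("Results", []):
        # Trivy omits the key entirely for targets with no findings.
        for vuln in result.get("Vulnerabilities") or []:
            layer = vuln.get("Layer") or {}
            yield {
                "id": vuln["VulnerabilityID"],
                "target": result.get("Target", ""),
                "pkg": vuln["PkgName"],
                "installed": vuln.get("InstalledVersion", ""),
                # FixedVersion is absent when no fix has shipped yet.
                "fixed": vuln.get("FixedVersion") or "",
                "severity": (vuln.get("Severity") or "UNKNOWN").upper(),
                "cvss_v3": cvss_v3_score(vuln),
                "layer": layer.get("DiffID") or layer.get("Digest") or "",
            }


def filter_findings(findings, min_severity="HIGH", ignore_unfixed=False):
    """Keep findings at or above min_severity; optionally drop those with no fix."""
    threshold = SEVERITY_RANK[min_severity.upper()]
    kept = [f for f in findings
            if SEVERITY_RANK.get(f["severity"], 0) >= threshold
            and not (ignore_unfixed and not f["fixed"])]
    # Most severe first, then highest CVSS, then ID, for a stable table.
    kept.sort(key=lambda f: (-SEVERITY_RANK[f["severity"]], -(f["cvss_v3"] or 0.0), f["id"]))
    return kept


def gate(report, fail_on="HIGH", ignore_unfixed=False):
    """Return (exit_code, findings); mirrors `trivy --severity ... --exit-code 1`."""
    hits = filter_findings(iter_findings(report), fail_on, ignore_unfixed)
    return (1 if hits else 0), hits


def to_markdown(findings):
    """Render findings as a Markdown table; layer shown as sha256:<first 12 hex>."""
    rows = ["| ID | Severity | CVSS v3 | Package | Installed | Fixed | Layer | Target |",
            "|---|---|---|---|---|---|---|---|"]
    for f in findings:
        score = "" if f["cvss_v3"] is None else f"{f['cvss_v3']:.1f}"
        layer = f["layer"][:19]  # "sha256:" + 12 hex chars
        rows.append(f"| {f['id']} | {f['severity']} | {score} | {f['pkg']} | "
                    f"{f['installed']} | {f['fixed'] or '(none)'} | {layer} | {f['target']} |")
    return "\n".join(rows)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            report = json.load(fh)
    else:
        report = SAMPLE_REPORT
    code, hits = gate(report, sys.argv[2] if len(sys.argv) > 2 else "HIGH")
    print(to_markdown(hits))
    sys.exit(code)
```

Two details matter for a gate like this. The `FixedVersion` field is absent, not empty, when no fix exists, so an `ignore_unfixed` option has to test for the missing key rather than compare against a sentinel; and CVSS scores differ by source (NVD and GHSA disagree on the sample's `CVE-0000-0003`), so the policy should state which source wins rather than taking whichever key happens to come first.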