Trivy MCP Server Plugin

@aquasecurity

a year ago

Trivy plugin for starting an MCP server - experimental

Overview

what is Trivy MCP Server Plugin?

Trivy MCP Server Plugin is an experimental plugin that starts an MCP server, serving as a gateway to Trivy, a vulnerability scanner for containers and other artifacts.

how to use Trivy MCP Server Plugin?

To use the plugin, install it via Trivy's plugin management system and start the MCP server using the command trivy mcp. You can configure it in VSCode to interact with it as an agent.

key features of Trivy MCP Server Plugin?

Experimental MCP server for Trivy
Supports multiple transport options (stdio, sse)
Easy integration with VSCode for scanning projects

use cases of Trivy MCP Server Plugin?

Scanning filesystems for vulnerabilities in open projects.
Checking container images for known vulnerabilities.
Analyzing remote repositories for security issues.

FAQ from Trivy MCP Server Plugin?

Is the MCP Server stable?

No, it is in early-stage development, and users should expect issues.

How do I install the plugin?

Use the command trivy plugin install mcp to install the latest version.

Can I configure the server for different transports?

Yes, you can configure it for stdio or SSE HTTP transport.

Build with ShipAny.