MIT License
Trivy MCP Server Plugin
This plugin starts a Model Context Protocol (MCP) server that integrates Trivy's security scanning capabilities with VS Code and other MCP-enabled tools.
Features
- Natural Language Scanning: Ask questions about security issues in natural language
- Multiple Scan Types:
- Filesystem scanning for local projects
- Container image vulnerability scanning
- Remote repository security analysis
- Integration with Aqua Platform: Optional integration with Aqua Security's platform for enhanced scanning capabilities and assurance policy compliance
- Flexible Transport: Support for both stdio and SSE (Server-Sent Events) transport protocols
- IDE Integration: Seamless integration with VS Code, Cursor, JetBrains IDEs, and Claude Desktop
Quick Start
Installation
Starting the Server
Documentation
For comprehensive documentation, please see the docs directory:
- Installation Guide
- Quick Start Guide
- Configuration Options
- IDE Integration
- Example Queries
- Authentication
Example Query
After setting up the plugin and configuring your IDE, you can start asking security-related questions:
For more examples, see the Example Queries page.
Demo
In the quick demo below, I cover what Trivy MCP Server can help you achieve. Turn up the volume to hear a running commentary
https://github.com/user-attachments/assets/125791b0-3164-4dcc-8fb3-e45481a9cbf7
License
MIT License - see the LICENSE file for details.
This server cannot be installed
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
Trivy
Related MCP Servers
- MIT License
- Apache 2.0