scan_image
Scan Docker images for known vulnerabilities, returning a summary of critical, high, medium, and low findings with package names and fix availability.
Instructions
Scan a Docker image for known vulnerabilities using Trivy. Returns a summary of critical/high/medium/low vulnerabilities with package names and fix availability.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| tag | No | Image tag (appended to image if provided) | |
| image | Yes | Docker image name (e.g. 'nginx', 'ubuntu:22.04') | |
| timeout | No | Scan timeout in seconds (default: 120) | |
| severity | No | Comma-separated severities to filter (default: CRITICAL,HIGH,MEDIUM) | |
| ignore_unfixed | No | Ignore vulnerabilities without a fix version |