Best Trivy MCP Servers
Trivy is a comprehensive open source vulnerability scanner for containers and other artifacts, maintained by Aqua Security.
Why this server?
Scans Docker images and local filesystems for OS and library vulnerabilities, misconfigurations, and secrets using Trivy.
AlicenseAqualityAmaintenanceAI-powered security code review for Claude Code that runs multiple scanners (CodeQL, Semgrep, etc.) to detect vulnerabilities, secrets, and dependency CVEs, producing prioritized reports.Last updated23MITWhy this server?
Allows running Trivy scans for vulnerability and security issue detection.
AlicenseBqualityBmaintenanceEnables AI agents to manage the entire ArvanCloud platform (compute, networking, storage, CDN, DNS, etc.) plus a cloud-DevOps toolbox for provisioning, Kubernetes, IaC, security, and networking through natural language.Last updated100MITWhy this server?
Provides vulnerability scanning for Terraform configurations.
AlicenseAqualityDmaintenanceA Model Context Protocol (MCP) server for producing better Terraform through CLI analysis (tflint, checkov, trivy, kics, infracost), best-practice guidance from terraform-best-practices.com, cloud provider recommendations (Azure, AWS, GCP), and Terraform Registry resource and module guidance.Last updated181511MITWhy this server?
Integrates security scanning capabilities for container images and infrastructure configurations to identify vulnerabilities.
AlicenseBqualityDmaintenanceAn MCP server that enables Claude to manage infrastructure across Kubernetes, Docker, Prometheus, and Terraform through natural language. It provides over 42 specialized tools with a safety-first design, including risk-based command classification and audit logging.Last updated43MITWhy this server?
Integrates with Trivy to scan Docker images for CVEs and provide security vulnerability summaries.
AlicenseBqualityBmaintenanceManage your entire Docker infrastructure through natural language with 180 tools.Last updated1001910MITWhy this server?
Provides CVE vulnerability scanning using Trivy.
AlicenseBqualityCmaintenanceA comprehensive MCP server for infrastructure operations with 92 tools across 13 categories, covering system monitoring, networking, containers, multi-cloud management, databases, CI/CD, IaC, security, and remote SSH fleet management.Last updated921MITWhy this server?
Integrates Trivy vulnerability scanning for Java projects to detect CVEs and security issues in dependencies.
AlicenseBqualityCmaintenanceMaven MCP Server enables AI assistants to manage Maven dependencies through natural language, including version checking, security scanning, and dependency analysis.Last updated5MITWhy this server?
Provides access to Trivy for vulnerability scanning of containers, filesystems, and repositories, integrated into AI-driven security pipelines.

SecPipeofficial
FlicenseAqualityFmaintenanceEnables AI agents to orchestrate security research workflows by connecting to containerized security tools via MCP, allowing automated vulnerability analysis and pipeline execution.Last updated24798Why this server?
Enables software composition analysis (SCA) and security assessments using Trivy to find vulnerabilities in project dependencies.
AlicenseBqualityDmaintenanceAn MCP server that integrates SAST, DAST, and SCA security tools to enable AI-driven vulnerability scanning and automated security reporting. It allows AI assistants to execute and analyze results from tools like Semgrep, OWASP ZAP, and Trivy within a DevSecOps workflow.Last updated6MIT