Best Trivy MCP Servers

Trivy is a comprehensive open source vulnerability scanner for containers and other artifacts, maintained by Aqua Security.

View all Trivy MCP Servers

Why this server?
Provides methodology and documentation for CVE and dependency scanning, guiding AI agents through vulnerability detection in project dependencies
VibeDefender MCP Server
Penetration Testing Security Documentation Access
yunusj
A
security
A
license
A
quality
Provides security assessment methodology, tool documentation, and step-by-step workflows to guide AI agents through vulnerability scanning, static analysis, and penetration testing of applications and URLs.
Last updated a month ago
1
MIT
Why this server?
Performs container and application vulnerability scanning using Trivy and produces a Software Bill of Materials (SBOM) in CycloneDX format.
MCP SBOM Server
Developer Tools Security Code Analysis
gkhays
A
security
F
license
A
quality
A Model Context Protocol server that performs Trivy scans to generate Software Bill of Materials (SBOM) in CycloneDX format.
Last updated 10 months ago
1
2
Why this server?
Integrates Trivy vulnerability scanner for container image and filesystem security scanning with configurable severity filtering
MCP Shamash
Security Penetration Testing Testing & QA Tools
NeoTecDigital
A
security
F
license
A
quality
Enables security auditing, penetration testing, and compliance validation with tools like Semgrep, Trivy, Gitleaks, and OWASP ZAP. Features strict project boundary enforcement and supports OWASP, CIS, and NIST compliance frameworks.
Last updated 5 months ago
7
Why this server?
Provides vulnerability scanning capabilities for various sources including filesystems, container images, and code repositories, allowing users to identify vulnerabilities and misconfigurations through an MCP server interface.
Trivyofficial
Security Testing & QA Tools Developer Tools
aquasecurity
-
security
A
license
-
quality
Trivy
Last updated a month ago
33
MIT
Why this server?
Provides security scanning capabilities for projects, automatically scanning directories for vulnerabilities and offering automated fixes to update vulnerable dependencies to secure versions across multiple package managers.
Trivy Security Scanner MCP
Testing & QA Tools Security Developer Tools
norbinsh
-
security
A
license
-
quality
Provides Trivy security scanning capabilities through a standardized interface, allowing users to scan projects for vulnerabilities and automatically fix them by updating dependencies.
Last updated a year ago
10
MIT
Why this server?
Integrated vulnerability scanner for comprehensive security reports across repositories
Argus
Code Analysis Testing & QA Tools Remote
athapong
-
security
A
license
-
quality
A Model Context Protocol tool for analyzing code repositories, performing security scans, and assessing code quality across multiple programming languages.
Last updated a year ago
1
MIT
Why this server?
Performs vulnerability scanning on container images with results uploaded to GitHub Security
mbta-mpc-server
Travel & Transportation Search Location Services
crdant
-
security
A
license
-
quality
mbta-mpc-server
Last updated 8 months ago
MIT
Why this server?
Performs security scans including Software Composition Analysis (SCA) and Infrastructure as Code (IaC) security checks to identify vulnerabilities in dependencies and infrastructure configurations.
Security MCP Server
Security Code Analysis Testing & QA Tools
michoo
-
security
A
license
-
quality
Enables security scanning of codebases through integrated tools for secret detection, SCA, SAST, and DAST vulnerabilities, with AI-powered remediation suggestions based on findings.
Last updated 4 months ago
MIT
Why this server?
Enables container and Infrastructure as Code vulnerability scanning through Trivy integration for Docker images and IaC templates
SAST MCP Server
Security Testing & QA Tools Developer Tools
Sengtocxoen
-
security
A
license
-
quality
Integrates 15+ static application security testing tools (Semgrep, Bandit, TruffleHog, etc.) with Claude Code AI, enabling automated vulnerability scanning and security analysis through natural language commands. Supports cross-platform operation with remote execution on dedicated security VMs.
Last updated 23 days ago
4
MIT

Trivyofficial