MIT
Best Trivy MCP Servers
Trivy is a comprehensive open source vulnerability scanner for containers and other artifacts, maintained by Aqua Security.
Why this server?
Provides vulnerability scanning capabilities for various sources including filesystems, container images, and code repositories, allowing users to identify vulnerabilities and misconfigurations through an MCP server interface.
Why this server?
Integrates security scanning capabilities for container images and infrastructure configurations to identify vulnerabilities.
AsecurityAlicense-qualityAn MCP server that enables Claude to manage infrastructure across Kubernetes, Docker, Prometheus, and Terraform through natural language. It provides over 42 specialized tools with a safety-first design, including risk-based command classification and audit logging.Last updated a month ago43MITWhy this server?
Enables software composition analysis (SCA) and security assessments using Trivy to find vulnerabilities in project dependencies.
AsecurityAlicense-qualityAn MCP server that integrates SAST, DAST, and SCA security tools to enable AI-driven vulnerability scanning and automated security reporting. It allows AI assistants to execute and analyze results from tools like Semgrep, OWASP ZAP, and Trivy within a DevSecOps workflow.Last updated 2 months ago6MITWhy this server?
Provides methodology and documentation for CVE and dependency scanning, guiding AI agents through vulnerability detection in project dependencies
AsecurityAlicense-qualityProvides security assessment methodology, tool documentation, and step-by-step workflows to guide AI agents through vulnerability scanning, static analysis, and penetration testing of applications and URLs.Last updated 4 months ago1MITWhy this server?
Integrates Trivy vulnerability scanner for container image and filesystem security scanning with configurable severity filtering
AsecurityFlicense-qualityEnables security auditing, penetration testing, and compliance validation with tools like Semgrep, Trivy, Gitleaks, and OWASP ZAP. Features strict project boundary enforcement and supports OWASP, CIS, and NIST compliance frameworks.Last updated a month ago7Why this server?
Performs security scans including Software Composition Analysis (SCA) and Infrastructure as Code (IaC) security checks to identify vulnerabilities in dependencies and infrastructure configurations.
-securityAlicense-qualityEnables security scanning of codebases through integrated tools for secret detection, SCA, SAST, and DAST vulnerabilities, with AI-powered remediation suggestions based on findings.Last updated 6 months agoMITWhy this server?
Provides security scanning capabilities for projects, automatically scanning directories for vulnerabilities and offering automated fixes to update vulnerable dependencies to secure versions across multiple package managers.
-securityAlicense-qualityProvides Trivy security scanning capabilities through a standardized interface, allowing users to scan projects for vulnerabilities and automatically fix them by updating dependencies.Last updated a year ago10MITWhy this server?
Enables container and Infrastructure as Code vulnerability scanning through Trivy integration for Docker images and IaC templates
-securityAlicense-qualityIntegrates 15+ static application security testing tools (Semgrep, Bandit, TruffleHog, etc.) with Claude Code AI, enabling automated vulnerability scanning and security analysis through natural language commands. Supports cross-platform operation with remote execution on dedicated security VMs.Last updated a month ago5MITWhy this server?
Integrated vulnerability scanner for comprehensive security reports across repositories