技能档案

Vulnerability Scanning

Name: Vulnerability Scanning
Author: ShadowAUS

Automated security scanning for dependencies, code, containers with Trivy, Snyk, npm audit. Use for CI/CD security gates, pre-deployment audits, compliance requirements, or encountering CVE detection, outdated packages, license compliance, SBOM generation errors.

ShadowAUS0 星标2026年3月4日

职业
分类: 打包与分发

技能内容

Automate security vulnerability detection across code, dependencies, and containers.

Dependency Scanning

# npm audit
npm audit --audit-level=high

# Snyk
snyk test --severity-threshold=high

# Safety (Python)
safety check --full-report

Container Scanning (Trivy)

# Scan container image
trivy image myapp:latest --severity HIGH,CRITICAL

# Scan filesystem
trivy fs --scanners vuln,secret .

Vulnerability Scanning

Dependency Scanning

Container Scanning (Trivy)

GitHub Actions Integration

Vulnerability Scanning

Dependency Scanning

Container Scanning (Trivy)

GitHub Actions Integration

Bun Runtime

Bun Runtime

Python Patterns

Python Patterns

Publish Extension

Minecraft Modpack Server