SkillHub
SkillHubagent skills marketplace
Menu
All SkillsStacksKOLHotRankings
Sign inGet Pro
Back to skills
SkillHub ClubRun DevOpsDevOpsSecurityIntegration

container-grype

Container vulnerability scanning and dependency risk assessment using Grype with CVSS severity ratings, EPSS exploit probability, and CISA KEV indicators. Use when: (1) Scanning container images and filesystems for known vulnerabilities, (2) Integrating vulnerability scanning into CI/CD pipelines with severity thresholds, (3) Analyzing SBOMs (Syft, SPDX, CycloneDX) for security risks, (4) Prioritizing remediation based on threat metrics (CVSS, EPSS, KEV), (5) Generating vulnerability reports in multiple formats (JSON, SARIF, CycloneDX) for security toolchain integration.

Packaged view

This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.

Stars
77
Hot score
93
Updated
March 20, 2026
Overall rating
C3.0
Composite score
3.0
Best-practice grade
S96.0

Install command

npx @skill-hub/cli install agentsecops-secopsagentkit-container-grype
container-securityvulnerability-scanningscasbomcvsscvedockergrype

Repository

AgentSecOps/SecOpsAgentKit

Skill path: skills/devsecops/container-grype

Container vulnerability scanning and dependency risk assessment using Grype with CVSS severity ratings, EPSS exploit probability, and CISA KEV indicators. Use when: (1) Scanning container images and filesystems for known vulnerabilities, (2) Integrating vulnerability scanning into CI/CD pipelines with severity thresholds, (3) Analyzing SBOMs (Syft, SPDX, CycloneDX) for security risks, (4) Prioritizing remediation based on threat metrics (CVSS, EPSS, KEV), (5) Generating vulnerability reports in multiple formats (JSON, SARIF, CycloneDX) for security toolchain integration.

Open repository

Best for

Primary workflow: Run DevOps.

Technical facets: DevOps, Security, Integration.

Target audience: Devsecops teams looking for install-ready agent workflows..

License: Unknown.

Original source

Catalog source: SkillHub Club.

Repository owner: AgentSecOps.

This is still a mirrored public skill entry. Review the repository before installing into production workflows.

What it helps with

  • Install container-grype into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
  • Review https://github.com/AgentSecOps/SecOpsAgentKit before adding container-grype to shared team environments
  • Use container-grype for devsecops workflows

Works across

Claude CodeCodex CLIGemini CLIOpenCode

Favorites: 0.

Sub-skills: 0.

Aggregator: No.

container-grype | SkillHub