trivy-offline-vulnerability-scanning
Use Trivy vulnerability scanner in offline mode to discover security vulnerabilities in dependency files. This skill covers setting up offline scanning, executing Trivy against package lock files, and generating JSON vulnerability reports without requiring internet access.
Best for Air-gapped or restricted ne…Works with GitHubLow risk
⌘source
- author
@benchflow-ai- language
- PDDL
★1kstars
252forks
Apr 20, 2026
✦overview.md
Key Features
- ·Scans dependency lock files for security vulnerabilities
- ·Operates without internet access in offline mode
- ·Generates JSON vulnerability reports
- ·Enables reproducible security audits with fixed databases
- ·Suitable for air-gapped or restricted environments
Use Cases
- →Conducting security audits in air-gapped development environments
- →Running reproducible vulnerability scans in CI/CD pipelines without network latency
- →Performing compliance checks in organizations with strict external connection policies
Best for
- ✓Air-gapped or restricted network environments
- ✓CI/CD pipelines requiring speed and reliability
- ✓Teams needing reproducible security audit results
Not ideal for
- !Projects requiring real-time vulnerability database updates
- !Environments with unrestricted internet access where online scanning suffices
FAQs
name
trivy-offline-vulnerability-scanning
description
Use Trivy vulnerability scanner in offline mode to discover security vulnerabilities in dependency files. This skill covers setting up offline scanning, executing Trivy against package lock files, and generating JSON vulnerability reports without requiring internet access.
Trivy Offline Vulnerability Scanning
This skill provides guidance on using Trivy, an open-source security scanner, to discover vulnerabilities in software dependencies using offline mode.
Overview
Trivy is a comprehensive vulnerability scanner that can analyze various targets including container images, filesystems, and dependency lock files. Offline scanning is crucial for:
- Air-gapped environments without internet access
- Reproducible security audits with fixed vulnerability databases
- Faster CI/CD pipelines avoiding network latency
- Compliance requirements for controlled environments
Why Offline Mode?
Challenges with Online Scanning
- Network dependency introduces failure points
- Database updates can cause inconsistent results across runs
- Slower execution due to download times
- Security policies may restrict external connections
Benefits of Offline Scanning
- Reproducibility: Same database = same results
- Speed: No network overhead
- Reliability: No external dependencies
- Compliance: Works in restricted environments
Trivy Database Structure
Trivy's vulnerability database consists of:
$install
1-click copynpx skills add benchflow-ai/skillsbench --skill trivy-offline-vulnerability-scanningSafety assessment
★
Clarity score
How clear and easy to understand the SKILL.md instructions are, rated from 1 to 5.
3/ 5
goodMostly clear, but there are still a few confusing or poorly structured parts.
◎
Actionability score
How directly an agent can act on the SKILL.md instructions, rated from 1 to 5.
3/ 5
mediumPartially actionable with several concrete steps, but still missing important details.