II.
Tool JSON
Structured · livetool:trivy
Trivy json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
"id": "tool:trivy",
"_kind": "Tool",
"_file": "domain/tools/tools-security-observability.yaml",
"_cluster": "domain",
"attributes": {
"displayName": "Trivy",
"homepageUrl": "https://github.com/aquasecurity/trivy",
"kind": "security",
"description": "Comprehensive open-source vulnerability scanner for containers, filesystems, Git repos,\nKubernetes clusters, and IaC files. Detects OS packages, language dependencies, misconfigurations,\nand exposed secrets with zero-configuration operation.\n"
},
"outgoingEdges": [
{
"from": "tool:trivy",
"to": "language:go",
"kind": "belongs_to_language"
},
{
"from": "tool:trivy",
"to": "skill-area:container-security",
"kind": "tool_used_by",
"attributes": {}
},
{
"from": "tool:trivy",
"to": "skill-area:vulnerability-scanning",
"kind": "tool_used_by",
"attributes": {}
},
{
"from": "tool:trivy",
"to": "skill-area:vulnerability-scanning",
"kind": "used_for"
},
{
"from": "tool:trivy",
"to": "skill-area:runtime-security",
"kind": "used_for"
},
{
"from": "tool:trivy",
"to": "tool:snyk",
"kind": "alternative_to",
"attributes": {
"comparison": "Security scanning — Trivy is open-source CLI; Snyk is a commercial platform"
}
},
{
"from": "tool:trivy",
"to": "tool:checkov",
"kind": "alternative_to",
"attributes": {
"comparison": "Security scanning — Trivy covers containers+IaC; Checkov focuses on IaC"
}
},
{
"from": "tool:trivy",
"to": "tool:tfsec",
"kind": "alternative_to",
"attributes": {
"comparison": "Security scanning — Trivy is multi-target; tfsec is Terraform-specific"
}
},
{
"from": "tool:trivy",
"to": "tool:sonarqube",
"kind": "alternative_to",
"attributes": {
"comparison": "Code security — Trivy scans dependencies and containers; SonarQube scans source code"
}
}
],
"incomingEdges": [
{
"from": "specialization:security-compliance",
"to": "tool:trivy",
"kind": "uses_tool"
},
{
"from": "specialization:security-research",
"to": "tool:trivy",
"kind": "uses_tool"
},
{
"from": "stack-profile:security-operations",
"to": "tool:trivy",
"kind": "composed_of"
},
{
"from": "stack-profile:container-registry-scanning",
"to": "tool:trivy",
"kind": "composed_of"
},
{
"from": "stack-profile:vulnerability-management-platform",
"to": "tool:trivy",
"kind": "composed_of"
},
{
"from": "tool:snyk",
"to": "tool:trivy",
"kind": "alternative_to",
"attributes": {
"comparison": "Security scanning — Snyk is a commercial platform; Trivy is open-source CLI"
}
},
{
"from": "tool:sonarqube",
"to": "tool:trivy",
"kind": "alternative_to",
"attributes": {
"comparison": "Code security — SonarQube scans source code; Trivy scans dependencies and containers"
}
},
{
"from": "tool:checkov",
"to": "tool:trivy",
"kind": "alternative_to",
"attributes": {
"comparison": "Security scanning — Checkov focuses on IaC; Trivy covers containers+IaC"
}
},
{
"from": "tool:tfsec",
"to": "tool:trivy",
"kind": "alternative_to",
"attributes": {
"comparison": "Security scanning — tfsec is Terraform-specific; Trivy is multi-target"
}
},
{
"from": "tool-server:mcp-trivy",
"to": "tool:trivy",
"kind": "integrates_with",
"attributes": {}
}
]
}