turbot/steampipe-plugin-trivy
Use SQL to instantly query advisories, vulnerabilities, packages, findings and more using Trivy. Open source CLI. No DB required.
This project helps security and DevOps engineers quickly identify and investigate vulnerabilities in their container images, file systems, and other artifacts. It allows you to feed in your images or local file systems and query the findings using standard SQL, presenting easily digestible tables of vulnerability IDs, package names, and detailed advisories. It's designed for anyone managing software supply chain security.
Use this if you need to quickly scan and analyze software components for known vulnerabilities using familiar SQL queries.
Not ideal if you're looking for an automated vulnerability remediation tool or a graphical interface for security scanning.
Stars
9
Forks
1
Language
Go
License
Apache-2.0
Category
Last pushed
Mar 25, 2026
Commits (30d)
0
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/data-engineering/turbot/steampipe-plugin-trivy"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
turbot/steampipe-plugin-aws
Use SQL to instantly query AWS resources across regions and accounts. Open source CLI. No DB required.
turbot/steampipe-plugin-github
Use SQL to instantly query repositories, users, gists and more from GitHub. Open source CLI. No...
turbot/steampipe-plugin-kubernetes
Use SQL to instantly query Kubernetes API resources. Open source CLI. No DB required.
turbot/steampipe-plugin-gcp
Use SQL to instantly query GCP resources across regions, projects and organizations. Open source...
turbot/steampipe-plugin-azure
Use SQL to instantly query Azure resources across regions and subscriptions. Open source CLI. No...