https://github.com/aquasecurity/trivy
· scanned 2026-06-04 04:11 UTC (1 day, 13 hours ago)
· 10 languages
259 findings (135 legacy + 124 scanner) 11/13 scanners ran 70th percentile · Go · large (100-500K LoC) Scanner says 74 (higher by 14)
Last scanned 1 day, 13 hours ago · v2 · 197 findings from 2 sources. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.
| Component | Sub-score | Weight | Contribution |
|---|---|---|---|
structure_score |
85.0 | 0.15 | 12.75 |
security_score |
100.0 | 0.25 | 25.00 |
testing_score |
85.0 | 0.20 | 17.00 |
documentation_score |
88.0 | 0.15 | 13.20 |
practices_score |
86.0 | 0.15 | 12.90 |
code_quality |
75.0 | 0.10 | 7.50 |
| Overall | 1.00 | 88.3 |
Top 10 actions, ranked by impact × ease. Severity drives impact; tag-based fix-clarity drives ease.
contrib/install.shpkg/dependency/parser/java/jar/parse.go:129pkg/fanal/analyzer/language/dart/pub/testdata/happy/cache/hosted/pub.dev/crypto-3.0.3/pubspec.yaml:3pkg/fanal/analyzer/sbom/testdata/sbom-without-app-component.spdx.json:82pkg/fanal/analyzer/pkg/apk/apk.go:227pkg/digest/digest.go:23pkg/sbom/cyclonedx/marshal.go:279pkg/sbom/cyclonedx/unmarshal.go:267pkg/sbom/spdx/marshal.go:517pkg/sbom/spdx/unmarshal.go:257Click "Find this gap" on any action above to jump to it on the Findings tab. Adjust the chip bar to filter by impact (severity), layer, or source.
This page is publicly accessible at:
https://repobility.com/scan/6d822e81-bd19-495a-8800-a4180542b150/
To check status programmatically (no auth required):
curl -s https://repobility.com/api/v1/public/scan/6d822e81-bd19-495a-8800-a4180542b150/Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.