{
  "skill": "trivy",
  "kind": "external",
  "needs": [
    "docker-image"
  ],
  "produces": [
    "image-cve-report"
  ],
  "constraints": [
    "скан Docker-образов в CI перед push в registry",
    "НЕ скан кода (Semgrep)"
  ],
  "preview-form": "none",
  "defaults": [
    "trivy image перед push в Yandex Container Registry"
  ],
  "key-decisions": [
    "порог severity для блока"
  ],
  "acceptance-criteria": [
    "0 критичных CVE в образе"
  ],
  "source": {
    "version": "n/a",
    "hash": "0000000000000000000000000000000000000000000000000000000000000000",
    "path": ""
  }
}