scanning-container-security

Quick Review

This skill provides a generic framework for container security scanning but lacks specific implementation details. The description is vague ('work with security and compliance') and doesn't clearly explain what security scanning capabilities are available. The task knowledge references scripts (snyk_scan.sh, trivy_scan.sh) that presumably contain implementation details, and the 5-step workflow is reasonable but overly generic. Structure is acceptable with logical sections, though the content is heavily templated. Novelty is low because the actual security scanning work appears delegated to standard tools (Snyk, Trivy) that a CLI agent could invoke directly. The skill would benefit from: (1) more specific description of what vulnerabilities are detected, (2) clearer guidance on when to use Snyk vs Trivy, (3) concrete examples of scan outputs and remediation steps, and (4) less boilerplate content that applies to any DevOps task rather than container security specifically.