Embed in Dockerfile

    Alternatively you can use Trivy in a multistage build. Thus avoiding the insecure . Also the image is not changed.

    1. [...]
    2. FROM build AS vulnscan
    3. RUN trivy filesystem --exit-code 1 --no-progress /