Do I need Docker installed to use this skill?

Docker is required for building images from Dockerfiles or scanning local images, but directory-based scans for secrets and vulnerabilities can run without it.

How do I configure the required API key?

You can set up your TMAS_API_KEY and install the necessary CLI tools by running the `/trendai-setup` command.

What is the Trend Micro Artifact Scanner (TMAS)?

TMAS is a CLI tool designed to scan cloud-native artifacts like container images and directories for security risks including vulnerabilities, secrets, and malware.

Can this skill identify secrets in my source code?

Yes, the TMAS scanner identifies hardcoded credentials, AWS keys, private certificates, and other sensitive information within your codebase.

Does this skill support multi-region scanning?

Yes, it supports various regions including US East, EU Frankfurt, London, Canada, Japan, Singapore, and Australia via the -r flag.

TrendAI Security Scanner (TMAS)

Name: TrendAI Security Scanner (TMAS)
Author: JustinDPerkins

byJustinDPerkins

0•

보안 및 테스팅

Scans container images and source code for vulnerabilities, secrets, and malware using the TMAS CLI with automatic artifact detection.

The TrendAI Security Scanner (TMAS) skill integrates professional-grade security auditing directly into your Claude Code workflow. It features intelligent zero-prompt auto-detection that identifies Dockerfiles, image tarballs, registry references, and source code directories to apply the appropriate security scan. Beyond just identifying vulnerabilities, it provides comprehensive reporting on hardcoded secrets and malware, while offering drift detection to track how your security posture changes between builds. This skill is essential for developers looking to shift security left and maintain a clean, compliant codebase without leaving their terminal.

주요 기능

01Automatic detection of Dockerfiles, container images, and code directories

02Drift analysis to compare current scan results against previous history

03Support for registry-based scans (Docker Hub, GHCR) and local Docker images

04Detailed markdown reporting with severity levels and remediation steps

050 GitHub stars

06Triple-threat scanning for vulnerabilities (CVEs), secrets, and malware

사용 사례

01Auditing a local project for exposed API keys and secrets before pushing to a remote repository

02Scanning container images for high-severity vulnerabilities and malware before production deployment

03Automatically building and security-testing Dockerfiles to ensure base image compliance

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add justindperkins/trendai-claude-skill trendai-scan-tmas

For use in Claude.ai and ChatGPT

Download Skill