
How I Built a Local AI Docker Vulnerability Scanner (No API Costs, No Cloud)

The Problem with Trivy Output

Running Trivy gives you a wall of CVE numbers. Most developers copy-paste them into Google and spend 20 minutes figuring out if each one actually matters for their use case. I built a tool that fixes this.

What I Built

A local AI wrapper around Trivy that:
- Scans any Docker image
- Takes the raw CVE output
- Feeds it to Ollama (local LLM, no API costs)
- Returns plain-English explanations plus specific fix recommendations

The Interesting Finding

nginx:1.27-alpine: 14 vulnerabilities
nginx:alpine: 3 vulnerabilities

Same base image family, yet the pinned version had 4.5x more CVEs. The AI caught this pattern and recommended variants to compare automatically.

Tech Stack

- Python 3.11
- Trivy (vulnerability scanner)
- Ollama + Llama 3.2 (local LLM)
- Zero cloud dependencies

How It Works (Code Walkthrough)

The scanner has three moving parts: Trivy does the heavy lifting of CVE detection, Python orchestrates e
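The Trivy-to-Ollama pipeline the walkthrough outlines, as an added example that is not the post's own code. It assumes trivy is on PATH, Ollama is serving llama3.2 at its default localhost:11434 endpoint, and SAMPLE_REPORT is a constructed report in Trivy's JSON shape (placeholder CVE ids, not real findings).

```python
import json
import subprocess
import urllib.request

OLLAMA_URL = "http://localhost:11434/api/generate"  # Ollama's default local endpoint

# Constructed sample in Trivy's JSON report shape (placeholder ids, not real scan output).
SAMPLE_REPORT = {"ArtifactName": "nginx:alpine", "Results": [
    {"Target": "nginx:alpine (alpine 3.20)", "Vulnerabilities": [
        {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libssl3", "Severity": "HIGH",
         "InstalledVersion": "3.3.0-r0", "FixedVersion": "3.3.1-r0"},
        {"VulnerabilityID": "CVE-0000-0002", "PkgName": "busybox", "Severity": "MEDIUM",
         "InstalledVersion": "1.36.1-r0"}]},
    {"Target": "Secrets", "Vulnerabilities": None}]}

def scan_image(image):
    # Trivy does the CVE detection; we only ask it for machine-readable output.
    out = subprocess.run(["trivy", "image", "--format", "json", "--quiet", image],
                         check=True, capture_output=True, text=True).stdout
    return json.loads(out)

def extract_findings(report):
    # Flatten the nested report to one record per CVE with only the decision-relevant fields.
    return [{"id": v["VulnerabilityID"], "pkg": v["PkgName"],
             "installed": v.get("InstalledVersion", "?"),
             "fixed": v.get("FixedVersion") or "no fix released",
             "severity": v.get("Severity", "UNKNOWN")}
            for r in report.get("Results", []) for v in (r.get("Vulnerabilities") or [])]

def build_prompt(image, findings):
    # The model explains; the fix versions come from Trivy so it cannot invent them.
    facts = "\n".join(f"{f['id']} {f['pkg']} {f['installed']} [{f['severity']}] fix: {f['fixed']}"
                      for f in findings)
    return (f"Image {image} has {len(findings)} vulnerabilities:\n{facts}\n"
            "For each, explain in plain English what is affected and whether a typical "
            "web-serving container is exposed. Recommend only the listed fix versions.")

def explain_with_ollama(prompt, model="llama3.2"):
    # Local HTTP call to Ollama; the scan data never leaves the machine.
    body = json.dumps({"model": model, "prompt": prompt, "stream": False}).encode()
    req = urllib.request.Request(OLLAMA_URL, data=body, headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=300) as resp:
        return json.load(resp)["response"]

def compare_variants(reports):
    # CVE count per tag, to surface the pinned-vs-floating pattern the post found.
    return {image: len(extract_findings(rep)) for image, rep in reports.items()}
```

End to end: `explain_with_ollama(build_prompt(img, extract_findings(scan_image(img))))`. Treat the model's text as advisory and Trivy's FixedVersion as the source of truth for what to upgrade.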
Continue reading on Dev.to DevOps

