MCP Server Finder
G

Grype

Created May 26, 2020 by anchore

Categories

Security Vulnerability

Language:

Go

Stars:

11.4K

Forks:

731

View on Github

README

Grype

A vulnerability scanner for container images and filesystems.

  
  
  
  
  
  
  
  

grype-demo

Features

  • Scan container images, filesystems, and SBOMs for known vulnerabilities (see the docs for a full list of supported scan targets)
  • Supports major OS package ecosystems (Alpine, Debian, Ubuntu, RHEL, Oracle Linux, Amazon Linux, and more)
  • Supports language-specific packages (Ruby, Java, JavaScript, Python, .NET, Go, PHP, Rust, and more)
  • Supports Docker, OCI, and Singularity image formats
  • Threat & risk prioritization with EPSS, KEV, and risk scoring (see interpreting the results docs)
  • OpenVEX support for filtering and augmenting scan results

[!TIP] New to Grype? Check out the Getting Started guide for a walkthrough!

Installation

The quickest way to get up and going:

curl -sSfL https://get.anchore.io/grype | sudo sh -s -- -b /usr/local/bin

[!TIP] See Installation docs for more ways to get Grype, including Homebrew, Docker, Chocolatey, MacPorts, and more!

The basics

Scan a container image or directory for vulnerabilities:

# container image
grype alpine:latest

# directory
grype ./my-project

Scan an SBOM for even faster vulnerability detection:

# scan a Syft SBOM
grype sbom:./sbom.json

# pipe an SBOM into Grype
cat ./sbom.json | grype

[!TIP] Check out the Getting Started guide to explore all of the capabilities and features.

Want to know all of the ins-and-outs of Grype? Check out the CLI docs and configuration docs.

Contributing

We encourage users to help make these tools better by submitting issues when you find a bug or want a new feature. Check out our contributing overview and developer-specific documentation if you are interested in providing code contributions.

Grype development is sponsored by Anchore, and is released under the Apache-2.0 License. The Grype logo by Anchore is licensed under CC BY 4.0

For commercial support options with Syft or Grype, please contact Anchore.

Come talk to us!

The Grype Team holds regular community meetings online. All are welcome to join to bring topics for discussion.

Last updated: Jan 21, 2026

More MCP servers built with Go

Kubernetes

Production-Grade Container Scheduling and Management

By kubernetes 120K
fzf

:cherry_blossom: A command-line fuzzy finder

By junegunn 77.2K
Moby

The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

By moby 71.4K