feat: use image directly from dockerhub

security-actions/scan-docker-image/action.yml

@@ -303,7 +303,7 @@ runs:
         files: "${{ steps.meta.outputs.scan_image }}"
 
     - name: Generate docker-cis JSON report
-      uses: docker://ghcr.io/aquasecurity/trivy:0.55.2
+      uses: docker://aquasec/trivy:0.55.2
       if: ${{ inputs.skip_trivy_scan != 'true' && steps.meta.outputs.scan_image != '' }}
       id: cis_json
       with: