# Trivy ignore file for Reversecore_MCP
# Ignore false positives in external dependencies and third-party tools

# pip vulnerability (MEDIUM/LOW) - pip is in the build virtualenv
CVE-2025-8869
CVE-2026-3219
CVE-2026-6357
CVE-2026-1703

# False positive secrets in third-party libraries (hcli / ida-hcli)
jwt-token
