validate

.github/workflows/docker-scout.yaml

@@ -19,7 +19,7 @@ jobs:
         with:
           context: ./25-docker-scout
           push: false
-          tags: ${{ steps.meta.outputs.tags }}
+          tags: ${{ github.event.repository.name }}
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
@@ -30,7 +30,7 @@ jobs:
         uses: docker/scout-action@v1
         with:
           command: cves
-          image: ${{ steps.meta.outputs.tags }}
+          image: ${{ github.event.repository.name }}
           ignore-unchanged: true
           only-severities: critical,high
           write-comment: true

25-docker-scout/README.md

@@ -142,4 +142,6 @@ While manual scanning is valuable, integrating vulnerability checks into your CI
 
 Docker Scout has a [GitHub Action](https://github.com/docker/scout-action) to run the Docker Scout CLI as part of your workflows.
 
-Here is an example workflow (`.github/workflows/docker-scout.yaml`) which runs Docker Scout on every push and reports only Critical and High vulnerabilities as a comment to a PR. This actions requires authentication to Docker Hub, so we should add `DOCKERHUB_USERNAME` and `DOCKERHUB_TOKEN` to secrets.
+Here is an example workflow (`.github/workflows/docker-scout.yaml`) which runs Docker Scout on every push and reports only Critical and High vulnerabilities as a comment to a PR. This actions requires authentication to Docker Hub, so we should add `DOCKERHUB_USERNAME` and `DOCKERHUB_TOKEN` to secrets.
+
+Incorporating these practices into your workflow empowers developersto streamline vulnerability management and maintain a more secure containerized ecosystem.