diff --git a/docker/trivy/start.sh b/docker/trivy/start.sh
index 29235a1..ecf18c6 100644
--- a/docker/trivy/start.sh
+++ b/docker/trivy/start.sh
@@ -1,10 +1,16 @@
 #!/bin/sh
 TIMEOUT=${TIMEOUT:-120m}
-SCANNERS=("vuln" "config" "secret")
 IGNORE_UNFIXED=${IGNORE_UNFIXED:-false}
 LOW_PRIORITY=${LOW_PRIORITY:-true}
+# Use SCANNERS_ENV if provided, otherwise default to vuln, config, secret
+if [ -n "$SCANNERS_ENV" ]; then
+ IFS=',' read -r -a SCANNERS <<< "$SCANNERS_ENV"
+else
+ SCANNERS=("vuln" "config" "secret")
+fi
+
 run_scan() {
 for SCANNER in "${SCANNERS[@]}"; do
 CURRENT_LOG="/log/trivy_scan_${SCANNER}.log"
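Review bot: The comma-split entries of `SCANNERS_ENV` are used without any check, and each one is interpolated into `CURRENT_LOG="/log/trivy_scan_${SCANNER}.log"` at the end of the hunk, so a value containing `/` or `..`, a stray space (`vuln, config`) or an empty field produces an unintended log path and, presumably, an invalid scanner argument further down in `run_scan`, whose body continues outside the hunk. An unknown or empty entry should stop the container at startup rather than let a scan type be dropped quietly. The fence below checks each entry against the three names the default list uses; widen that list to whatever the bundled Trivy version accepts. Separately, `read -a` and `<<<` are bash features while the shebang is `#!/bin/sh`; the array syntax already needed bash before this change, so the shebang should say `#!/bin/bash` if the image provides it.

```shell
if [ -n "$SCANNERS_ENV" ]; then
  IFS=',' read -r -a SCANNERS <<< "$SCANNERS_ENV"
  # Fail closed: only known scanner names may reach the log path and the trivy command line.
  for SCANNER in "${SCANNERS[@]}"; do
    case "$SCANNER" in
      vuln|config|secret) ;;
      *)
        echo "unsupported scanner in SCANNERS_ENV: '$SCANNER'" >&2
        exit 1
        ;;
    esac
  done
# … unchanged: else branch with the default scanner list …
```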