Docker is everywhere! You should be testing for Docker Images vulberabilities and outdated packages. Snyk offers a free scanning tool for docker images.
See usage guide on Snyk Github Repo
Save the Snyk API Key as a Secret in Github
SNYK_TOKEN- the username used to access the Snyk UI and scanning tool