diff --git a/README.md b/README.md
index 8a8cf420a16cebf586a159acaae1edadc4f6ae17..4db4a8cce4b7c1d520635b39efa7ee97c85df40d 100644
--- a/README.md
+++ b/README.md
@@ -317,7 +317,7 @@ The Docker Compose template uses some global configuration used throughout all j
| Input / Variable | Description | Default value |
| ------------------------ |-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| ----------------- |
-| `image` / `DCMP_IMAGE` | The Docker image used to run Docker Compose CLI commands | `registry.hub.docker.com/library/docker:latest` |
+| `image` / `DCMP_IMAGE` | The Docker image used to run Docker Compose CLI commands | `registry.hub.docker.com/library/docker:latest` <br/>[](https://to-be-continuous.gitlab.io/doc/secu/trivy-DCMP_IMAGE) |
| `cmd` / `DCMP_CMD` | The docker compose or stack command (`docker compose`, `docker-compose` or `docker stack`) | _none_ (auto) |
| `base-app-name` / `DCMP_BASE_APP_NAME`| Base application name | `$CI_PROJECT_NAME` ([see GitLab doc](https://docs.gitlab.com/ee/ci/variables/predefined_variables.html)) |
| `environment-url` / `DCMP_ENVIRONMENT_URL`| Default environments url _(only define for static environment URLs declaration)_<br/>_supports late variable expansion (ex: `https://%{environment_name}.docker-compose.acme.com`)_ | _none_ |