diff --git a/README.md b/README.md
index e1b318e546048cb1074cf9fa13413b00d38c21bc..a7e5813e7a8b2138b23a7dc145f8a1e71e2f2127 100644
--- a/README.md
+++ b/README.md
@@ -372,7 +372,7 @@ The Kubernetes template uses some global configuration used throughout all jobs.
 
 | Input / Variable | Description                                                                                                                                                             | Default value                                                                                          |
 | --------------------- | -------------------------------------- | ----------------- |
-| `kubectl-image` / `K8S_KUBECTL_IMAGE` | the Docker image used to run Kubernetes `kubectl` commands <br/>:warning: **set the version required by your Kubernetes server**                                        | `registry.hub.docker.com/bitnami/kubectl:latest`                                                       |
+| `kubectl-image` / `K8S_KUBECTL_IMAGE` | the Docker image used to run Kubernetes `kubectl` commands <br/>:warning: **set the version required by your Kubernetes server**                                        | `registry.hub.docker.com/bitnami/kubectl:latest`                                                       <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-K8S_KUBECTL_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-K8S_KUBECTL_IMAGE) |
 | `base-app-name` / `K8S_BASE_APP_NAME` | Default application name                                                                                                                                                | `$CI_PROJECT_NAME` ([see GitLab doc](https://docs.gitlab.com/ee/ci/variables/predefined_variables.html)) |
 | `environment-url` / `K8S_ENVIRONMENT_URL`    | Default environments url _(only define for static environment URLs declaration)_<br/>_supports late variable expansion (ex: `https://%{environment_name}.k8s.acme.com`)_ | _none_                                                                                                 |
 | `KUBE_CONTEXT`      | Defines the context to be used in `KUBECONFIG`. When using [GitLab agents with the CI/CD workflow](https://docs.gitlab.com/ee/user/clusters/agent/ci_cd_workflow.html), the value should be like `path/to/agent/project:agent-name`. To use different agents per environment, define an [environment-scoped CI/CD variable](https://docs.gitlab.com/ee/ci/environments/index.html#limit-the-environment-scope-of-a-cicd-variable) for each agent. | _none_ |
@@ -471,7 +471,7 @@ Here are its parameters:
 
 | Input / Variable | Description                                                          | Default value     |
 | ---------------------- | -------------------------------------------------------------------- | ----------------- |
-| `kube-score-image` / `K8S_KUBE_SCORE_IMAGE` | Docker image to run [kube-score](https://github.com/zegl/kube-score) | `registry.hub.docker.com/zegl/kube-score:latest` **it is recommended to set a tool version compatible with your Kubernetes cluster** |
+| `kube-score-image` / `K8S_KUBE_SCORE_IMAGE` | Docker image to run [kube-score](https://github.com/zegl/kube-score) | `registry.hub.docker.com/zegl/kube-score:latest` **it is recommended to set a tool version compatible with your Kubernetes cluster** <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-K8S_KUBE_SCORE_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-K8S_KUBE_SCORE_IMAGE) |
 | `score-disabled` / `K8S_SCORE_DISABLED` | Set to `true` to disable the `kube-score` analysis                             | _none_ (enabled) |
 | `score-extra-opts` / `K8S_SCORE_EXTRA_OPTS` | [Additional options](https://github.com/zegl/kube-score#configuration) to `kube-score` command line | _none_ |