How to run docker scan without contacting


I’m running docker scan in a Jenkins pipeline which is not permitted to contact public/external registries. When I run docker scan, it attempts to contact a registry hosted on but then times out, breaking the build.

Is it only trying to contact this registry to look for containers, or does Snyk retrieve updates, definitions etc. from here?

How would I configure to avoid hitting - and would that reduce the effectiveness of the scan?

Thanks for any pointers that can be given.