Security scanner and graph for agentic infrastructure — agents, MCP, runtime, and blast radius.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for agent-bom from gravatar.com agent-bom
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Tags ai-bom , sbom , mcp , mcp-server , security , ai-agents , vulnerability , supply-chain , owasp , mitre-atlas , nist-ai-rmf , blast-radius , cve , llm-security , remediation , mcp-introspection , openclaw , ai-enrichment , credential-exposure , config-security , ai-supply-chain , ai-infrastructure , gpu-security , cuda , pytorch , openssf-scorecard , malicious-package-detection , runtime-monitoring , model-provenance
  • Requires: Python >=3.11
  • Provides-Extra: api , otel , ui , aws , azure , gcp , coreweave , databricks , snowflake , nebius , huggingface , wandb , openai , ai-enrich , graph , pdf , postgres , watch , runtime , visual , mcp-server , dashboard , snyk , oidc , saml , cloud , docs , dev , dev-all
Classifiers
Report project as malware

Project description

agent-bom

Open security scanner for AI supply chain — agents, MCP servers, packages, containers, cloud, GPU, and runtime.

Start with the demo, then choose the entrypoint that matches your first job: repo scan, image scan, cloud posture, fix plan, dashboard, or runtime review.

CVE-2025-1234  (CRITICAL · CVSS 9.8 · CISA KEV)
  |── better-sqlite3@9.0.0  (npm)
       |── sqlite-mcp  (MCP Server · unverified · root)
            |── Cursor IDE  (Agent · 4 servers · 12 tools)
            |── ANTHROPIC_KEY, DB_URL, AWS_SECRET  (Credentials exposed)
            |── query_db, read_file, write_file, run_shell  (Tools at risk)

 Fix: upgrade better-sqlite3 → 11.7.0

Blast radius is the core idea: CVE -> package -> MCP server -> agent -> credentials -> tools.

Scan local agent configs, MCP servers, instruction files, lockfiles, containers, cloud posture, GPU surfaces, and runtime evidence.

Try the built-in demo first:

agent-bom agents --demo --offline

The demo uses a curated sample so the output stays reproducible across releases. For real scans, run agent-bom agents, or add -p . to fold project manifests and lockfiles into the same result.

If you want an inspectable sample before scanning your own repo:

agent-bom samples first-run
agent-bom agents --inventory agent-bom-first-run/inventory.json -p agent-bom-first-run --enrich

The bundled first-run stack includes agent inventory, MCP server definitions, placeholder credential environment variable names, Python/npm manifests, and a prompt file. See docs/FIRST_RUN.md in the repository for the guided flow.

See the terminal demo

agent-bom demo

Recommended starting points

pip install agent-bom

agent-bom agents -p .                            # Repo + MCP + package blast radius
agent-bom samples first-run                      # Inspectable sample AI stack
agent-bom check flask@2.2.0 --ecosystem pypi     # Pre-install package verdict
agent-bom image nginx:latest                     # Container image scan
agent-bom agents -p . --remediate remediation.md # Fix-first remediation plan
pip install 'agent-bom[ui]'                      # once, if you want the dashboard
agent-bom serve                                  # API + dashboard + graph explorer

Self-hosted pilot:

curl -fsSL https://raw.githubusercontent.com/msaad00/agent-bom/main/deploy/docker-compose.pilot.yml -o docker-compose.pilot.yml
docker compose -f docker-compose.pilot.yml up -d
# Dashboard -> http://localhost:3000

Production chart from a checked-out repo:

helm upgrade --install agent-bom deploy/helm/agent-bom \
  --namespace agent-bom --create-namespace \
  -f deploy/helm/agent-bom/examples/eks-production-values.yaml

Product views

Dashboard

agent-bom dashboard overview

Focused graph

agent-bom focused graph

What it scans

  • Agents + MCP — MCP clients, servers, tools, transports, trust posture
  • Skills + instructionsCLAUDE.md, AGENTS.md, .cursorrules, .windsurfrules, skills/*
  • Package risk — software supply chain scanning with enrichment and blast radius
  • Container images + IaC — native OCI parsing plus Dockerfile, Terraform, CloudFormation, Helm, and Kubernetes coverage
  • Cloud AI — cloud and AI infrastructure posture across major supported providers
  • Secrets + runtime — MCP proxy, Shield SDK, secrets, and redaction surfaces
  • Compliance + evidence — mapped governance plus ZIP evidence bundles for auditors

Key features

  • Blast radius mapping — CVE → package → MCP server → agent → credentials → tools
  • CWE-aware impact — RCE shows credential exposure, DoS does not
  • Portable outputs — SARIF, CycloneDX, SPDX, HTML, graph, JSON, ZIP evidence bundles, and more
  • MCP server mode — expose agent-bom capabilities directly to MCP clients like Claude, Cursor, Windsurf, and Cortex CoCo / Cortex Code
  • Skill bundle identity — stable bundle hashes for skill and instruction file review
  • Dependency confusion detection — flags internal naming patterns
  • VEX generation — auto-triage with CWE-aware reachability

Read-only. Agentless. No secrets leave your machine unless you explicitly enable an outbound integration.

How the data moves

How agent-bom works

Blast radius

Blast radius

Links

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for agent-bom from gravatar.com agent-bom
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Tags ai-bom , sbom , mcp , mcp-server , security , ai-agents , vulnerability , supply-chain , owasp , mitre-atlas , nist-ai-rmf , blast-radius , cve , llm-security , remediation , mcp-introspection , openclaw , ai-enrichment , credential-exposure , config-security , ai-supply-chain , ai-infrastructure , gpu-security , cuda , pytorch , openssf-scorecard , malicious-package-detection , runtime-monitoring , model-provenance
  • Requires: Python >=3.11
  • Provides-Extra: api , otel , ui , aws , azure , gcp , coreweave , databricks , snowflake , nebius , huggingface , wandb , openai , ai-enrich , graph , pdf , postgres , watch , runtime , visual , mcp-server , dashboard , snyk , oidc , saml , cloud , docs , dev , dev-all
Classifiers

Release history Release notifications | RSS feed

0.88.4

0.88.3

0.88.1

0.87.1

0.87.0

0.86.5

0.86.2

0.86.1

0.85.0

0.84.6

0.84.5

0.84.4

0.84.0

0.83.4

0.83.3

0.83.2

0.82.3

0.82.2

This version

0.82.1

0.81.3

0.81.2

0.81.1

0.81.0

0.80.1

0.80.0

0.78.1

0.78.0

0.76.4

0.76.2

0.76.1

0.76.0

0.75.15

0.75.14

0.75.13

0.75.12

0.75.11

0.75.10

0.75.9

0.75.8

0.75.7

0.75.5

0.75.3

0.75.2

0.75.1

0.75.0

0.74.1

0.74.0

0.72.0

0.71.4

0.71.3

0.71.2

0.71.1

0.71.0

0.70.12

0.70.11

0.70.10

0.70.9

0.70.8

0.70.7

0.70.6

0.70.5

0.70.4

0.70.3

0.70.0

0.69.1

0.68.2

0.68.1

0.68.0

0.67.0

0.66.0

0.65.0

0.64.0

0.63.2

0.63.1

0.63.0

0.62.1

0.62.0

0.60.2

0.60.1

0.60.0

0.59.3

0.59.2

0.59.1

0.59.0

0.58.1

0.57.0

0.56.0

0.55.0

0.54.0

0.51.0

0.50.0

0.38.1

0.38.0

0.36.1

0.36.0

0.35.0

0.34.0

0.33.0

0.32.0

0.31.9

0.31.8

0.31.7

0.31.6

0.31.5

0.31.4

0.31.3

0.31.2

0.31.1

0.31.0

0.29.0

0.28.1

0.28.0

0.27.0

0.26.0

0.25.0

0.24.0

0.22.0

0.20.0

0.19.0

0.18.0

0.17.0

0.16.0

0.15.0

0.14.0

0.13.0

0.12.3

0.12.2

0.12.1

0.10.1

0.10.0

0.9.1

0.7.0

0.5.0

0.4.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

agent_bom-0.82.1.tar.gz (4.2 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

agent_bom-0.82.1-py3-none-any.whl (3.8 MB view details)

Uploaded Python 3

File details

Details for the file agent_bom-0.82.1.tar.gz.

File metadata

  • Download URL: agent_bom-0.82.1.tar.gz
  • Upload date:
  • Size: 4.2 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for agent_bom-0.82.1.tar.gz
Algorithm Hash digest
SHA256 a9b5eabaa40fa75044c1362e5c8c52e18ee53fe8353c2e6910fbc05ba4959222
MD5 b3fc0500345e469c3867f5833363c7dd
BLAKE2b-256 b71792fa4f806b10d97004e33f8a0df9b3127477bd1f6fb39edbda94089c1685

See more details on using hashes here.

Provenance

The following attestation bundles were made for agent_bom-0.82.1.tar.gz:

Publisher: release.yml on msaad00/agent-bom

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file agent_bom-0.82.1-py3-none-any.whl.

File metadata

  • Download URL: agent_bom-0.82.1-py3-none-any.whl
  • Upload date:
  • Size: 3.8 MB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for agent_bom-0.82.1-py3-none-any.whl
Algorithm Hash digest
SHA256 b3918eae435be50954657915651322e9da377a8f9801813ffc56b3568eb41911
MD5 388f6cea6cb8b9caa3e3cf8c52c9b07a
BLAKE2b-256 79801473b4c4b70af49b19ee096d4e3d568deae2e0e0f5a29871de0e8da87fef

See more details on using hashes here.

Provenance

The following attestation bundles were made for agent_bom-0.82.1-py3-none-any.whl:

Publisher: release.yml on msaad00/agent-bom

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page