agent-bom Scan
Version updated for https://github.com/msaad00/agent-bom to version v0.38.1.
- This action is used across all versions by 0 repositories.
Action Type
This is a Composite action.
Action Summary
The agent-bom GitHub Action is an AI supply chain security scanner designed to identify and assess vulnerabilities (CVEs) in software packages and container images, while analyzing their impact on AI agents, credentials, tools, and overall enterprise security. It automates tasks such as blast radius mapping, credential exposure analysis, privilege detection, and malicious package detection, providing comprehensive insights into security risks and compliance with multiple frameworks (e.g., OWASP, MITRE, NIST). This tool goes beyond traditional scanners by assessing the business impact of vulnerabilities and offering detailed remediation insights.
Release notes
What’s Changed
- feat: enterprise security gaps — RBAC, audit, exceptions, baseline, SIEM, dedup by @msaad00 in https://github.com/msaad00/agent-bom/pull/127
- release: v0.38.1 by @msaad00 in https://github.com/msaad00/agent-bom/pull/128
Full Changelog: https://github.com/msaad00/agent-bom/compare/v0.38.0...v0.38.1