agent-bom Scan
Version updated for https://github.com/msaad00/agent-bom to version v0.75.9.
- This action is used across all versions by 0 repositories.
Action Type
This is a Composite action.
Action Summary
The agent-bom GitHub Action automates the discovery, analysis, and mapping of vulnerabilities in AI agent dependencies, infrastructure, and supply chains. It identifies the blast radius of CVEs by tracing potential exposure paths from affected packages to AI agents, credentials, and tools, providing actionable insights for mitigating risks. Key capabilities include scanning MCPs, software dependencies, containers, cloud infrastructure, and sensitive data exposure, offering a comprehensive security posture for AI-driven environments.
Release notes
What’s Changed
- Fix MCP registry publish diagnostics by @msaad00 in https://github.com/msaad00/agent-bom/pull/1097
- Fix MCP Registry PyPI publish marker by @msaad00 in https://github.com/msaad00/agent-bom/pull/1098
- Align 0.75.8 release surfaces and claims by @msaad00 in https://github.com/msaad00/agent-bom/pull/1099
- Harden final OpenSSF release surfaces by @msaad00 in https://github.com/msaad00/agent-bom/pull/1100
- Add non-failing mode for package checks by @msaad00 in https://github.com/msaad00/agent-bom/pull/1101
- Harden project-scoped scan coverage by @msaad00 in https://github.com/msaad00/agent-bom/pull/1102
- Guard MCP and PyPI release metadata by @msaad00 in https://github.com/msaad00/agent-bom/pull/1103
- Harden npm version resolution continuity by @msaad00 in https://github.com/msaad00/agent-bom/pull/1104
- Align release-facing surfaces before republish by @msaad00 in https://github.com/msaad00/agent-bom/pull/1105
- chore: bump version to 0.75.9 by @msaad00 in https://github.com/msaad00/agent-bom/pull/1106
Full Changelog: https://github.com/msaad00/agent-bom/compare/v0...v0.75.9